pfSense, Routing plex traffic between internal interfaces

Hello friends! 🙂

So I’m having difficulty understanding how to route traffic from the OPT1 “IOT crap” interface to the LAN interface, to a specific IP. Topology is like this:

  • pfSense is running on i3-4130 / HP motherboard / 4Gb DDR3 / Intel integrated NIC + Intel PT1000 dual NIC.
  • FreeNAS/Plex is running on A10-5800K / F2A85-M / 8Gb DDR3 / Intel i350-T4 Quad NIC (LACP protocol)

Plex server is set up and running, I can access it from my Windows PC and everything works. Plex only has access to media dataset on FreeNAS.

Now I want to create routing from OPT1 network to Plex server so my Phone and Chromecast can access this media also.

First I created a rule to allow devices in OPT1 to access the Plex server (192.168.5.33):
(new users can only put 2 images in a post, so here's a link: https://imgur.com/Qp7LP54 )

Obviously this doesn't work because these devices are in the .30.xx /24 network while Plex is in the .5.xx /24 network.

So I tried to create routing between the networks.

I created an additional gateway on OPT1:
(new users can only put 2 images in a post, so here's a link: https://imgur.com/eQkBCGK )

Then I tried to create a static route from this gateway to the .5 network, but I get an error:

Clearly I’m thinking this wrong somewhere in the routing bit. What would be the correct way?

Best regards,
Jussi
Finland

You don’t need to do any static routing, so you should get rid of that and the additional gateways and anything else like that.

What you need to do is create a firewall rule on the interface that has the devices you want to access plex, which allows traffic from those devices to the plex server.

3 Likes

So the rule I did, should work? Allowing whole OPT1 network to speak to 192.168.5.33.

As OPT1 devices are in a different network than the Plex server, should I then use a different subnet mask to allow these devices to talk to each other? /16 in both networks?

edit: actually… bridging would be a better way? So both LAN and OPT1 in the same subnet, let's say 192.168.5.0, and I could still use firewall rules between these interfaces normally.

No, you just need that firewall rule, you don’t need to do anything else. So long as there isn’t a rule above it which overrides it then it will work. Leave the subnets and everything else as they are.

1 Like

Can you implement mDNS or a similar DNS-type entry in the router so the Plex server is seen by the other network?

@Divi As per @Dexter_Kane, you will have implicit routing rules already for directly connected networks. This is what your subnet mask on an interface does - it tells your device that “anything on 192.168.5.0/24 is reachable on the wire out of this interface”.

There’s no need to add specific routes as they are already present based on your interface’s network mask.
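What the replies above describe (connected routes implied by each interface's mask, plus a first-match pass rule on the OPT1 tab), as an added Python sketch that is not from the thread or from pfSense. The firewall addresses, the full OPT1 prefix, the sample clients and the block/internet rules are assumptions; TCP 32400 is Plex's default port.

```python
import ipaddress as ip

# Assumed addressing: the thread gives Plex as 192.168.5.33 on LAN; the
# firewall addresses and the full OPT1 prefix (".30.xx /24") are guesses.
INTERFACES = {
    "LAN": ip.ip_interface("192.168.5.1/24"),
    "OPT1": ip.ip_interface("192.168.30.1/24"),
}
PLEX = ip.ip_network("192.168.5.33/32")
ANY = ip.ip_network("0.0.0.0/0")

def egress_interface(dst):
    """Pick the connected route (longest prefix) that covers dst, if any."""
    dst = ip.ip_address(dst)
    hits = [(i.network.prefixlen, name)
            for name, i in INTERFACES.items() if dst in i.network]
    return max(hits)[1] if hits else "default gateway"

OPT1_NET = INTERFACES["OPT1"].network
LAN_NET = INTERFACES["LAN"].network

# Rules on the OPT1 tab: (action, source, destination, TCP port or None=any).
PASS_PLEX = ("pass", OPT1_NET, PLEX, 32400)      # Plex default port
BLOCK_LAN = ("block", OPT1_NET, LAN_NET, None)   # hypothetical isolation rule
PASS_OUT = ("pass", OPT1_NET, ANY, None)         # hypothetical internet rule

def evaluate(rules, src, dst, port):
    """Top-down, first match wins; nothing matching means default deny."""
    src, dst = ip.ip_address(src), ip.ip_address(dst)
    for action, src_net, dst_net, rule_port in rules:
        if src in src_net and dst in dst_net and rule_port in (None, port):
            return action
    return "block"

if __name__ == "__main__":
    phone = "192.168.30.50"  # constructed OPT1 client
    good = [PASS_PLEX, BLOCK_LAN, PASS_OUT]
    shadowed = [BLOCK_LAN, PASS_PLEX, PASS_OUT]  # block sits above the pass
    print(egress_interface("192.168.5.33"))
    print(evaluate(good, phone, "192.168.5.33", 32400))
    print(evaluate(shadowed, phone, "192.168.5.33", 32400))
```

The model ignores protocol and state tracking; it only shows the rule-order and source-network matching the replies rely on.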

Yes you can use DNS server built in to pfsense to do that, you still need the firewall rules though.

If you are solving this with firewall rules, I am guessing it would be easy to specify ports in the rules.

https://support.plex.tv/articles/201543147-what-network-ports-do-i-need-to-allow-through-my-firewall/

I’m just tossing this out there as I assume you are using VLANs for the same reasons as myself…

1 Like

This should help with Plex discovery on the network.

You also need an Allow rule from IOT crap to Plex IP as stated above.

You could do it differently by turning the IOT crap interface into a VLAN interface and then adding that VLAN interface to FreeNAS and Plex so that no L3 routing through the router is needed. You would need a managed switch.

1 Like

I solved it by bridging the interfaces so I have one network (192.168.5.0/24) with one DHCP server for both interfaces. I can still manage the traffic between interfaces via rules so I think this is the best option for me.

Something I’m confused with is “source” when setting firewall rules for plex for example.

This is what I have now. It works as Plex is working well on nvidia shield that is connected in OPT1 interface.

However, if I set source to “OPT1_IOT_ROSKAT net”, then I can't access the Plex server from OPT1… This doesn't seem right?
edit: maybe because of the bridge setup? Netgate docs say: "LAN net - The subnet configured on the LAN interface under Interfaces > LAN. On pfSense 2.2+, this also includes IP alias networks on that interface." Because of the bridge setup there is no subnet configured on my interface (OPT1 in this case); the network settings for this interface come from the LAN interface.

See enwyn's post above, as it has the firewall ports needed to open (like DLNA).

1 Like