This should be super simple. but for some reason it’s not.

I’ve got pfsense installed as a VM. Three bridged interfaces. 1 for wan, 1 for lan, 1 for lan2

I want traffic allowed to my machine on lan2 to lan1. There are two rules setup on each lan. IPV4* allowed to any, and source lan1 to dest lan2 and mirrored on the other lan as well. Also any protocol.

Running a traceroute shows it hitting the router, and then going off to fuck knows where. 12+ hits of * * * . So this makes me think it’s going out to the internet for some reason.

But I have no idea why this would be happening. This is the latest build (afaik) and is a relatively new install, should be almost stock. The only things I’ve done is add a VPN interface, with no outbound nat rules for it (and have since disabled it.) But even after creating the rules to allow traffic for all protocol between the two I get nothing.

tell me what info you need I can’t access proxmox!


Can you screenshot the firewall rules page for each lan? But you should set the source to any unless the source is a specific host, and destination always needs to be on a different interface (or the interface address).

I do want to allow to only a single host but I want to actually have traffic make it first.

Here’s the rules. Ignore OpenVPN, the interface and service is disabled at present.

Solved it. Moved some wires around, Lan was totally disconnected.

It’s working because you’re allowing everything but some of those rules don’t do anything. On the LAN interface page the roomie net to lan net rule does nothing because the source address has to be an address on the source interface (LAN) and the destination has to be on another interface, so that rule should be on the roomie net interface instead. Same goes for the LAN net to roomie net rule.

But without any block (or deny) rules you’re just allowing all traffic anyway.

