
My network setup is like this:

{Internet} <-> (Government Router) <-> (pfSense with HTTP and HTTPS interception) <-> (LAN Switch) <-> Many PCs on the LAN

On the government router there are some more PCs (servers mostly) that have to stay in that network.

The problem I have is that I cannot ping or browse a LAN PC through the WAN.

To be more specific: Government router: Range = 10.217.75.1-255

pfSense WAN IP = 10.217.75.250

pfSense LAN IP = 10.217.76.1

LAN Subnet Range = 10.217.76.2-255

So, from a PC on the WAN, let's say 10.217.75.73, I can ping 10.217.75.250 (obviously) and 10.217.76.1 (LAN GW), but there everything stops.

I know that if I permit LAN browsing through the WAN I lose the meaning of a firewall, but... that's the way they want it to be.

LSS: I want a kind of rule to allow browsing my LAN network through any PC in my WAN network. Is that possible? I've tried some simple rules like destination * and source * but they didn't work. I've also seen some solutions with virtual IPs etc., but that was for one or two server IPs and not for many PCs. Any solution? Thanks in advance.

ASK

1 Answer


Are you able to ping a 75.x device from the 76.x network? If so, your problem is most likely NAT running on the pfSense box.

https://doc.pfsense.org/index.php/Outbound_NAT

If you disable NAT and it doesn't help (or makes matters worse) then the problem is likely with routing. If the government router doesn't have a route configured for the 76.x network, then it will receive packets destined for 76.x but not know where to forward them. In this case, you will need to configure a static route to the 76.x network or use some routing protocol for the same effect.

IsAGuest
76.x PCs can ping 75.x with no problem. I've disabled outbound NAT, but it's the same because it only copies the automatic rules in order to add some more yourself. There is my problem: I try some rules but nothing gives me the desired outcome. I know that I have to configure the route from 75.x to 76.x but I don't know how. Do I have to do it from NAT or from firewall rules? To be more specific, I want pfSense to work as a Squid proxy, to filter all 76.x traffic in order to block it, but I do not care about the 75.x incoming traffic! – ASK Nov 12 '15 at 11:56
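
Added example, not part of the original thread: the routing half of the answer, modelled as a longest-prefix-match lookup on the government router with and without a static route for the 76.x network. The /24 masks, the upstream gateway `192.0.2.1` and the LAN host `10.217.76.20` are assumptions made for illustration; the other addresses come from the question.

```python
import ipaddress

# Addresses from the question. The /24 masks and the upstream gateway are
# assumptions; 192.0.2.1 is a constructed placeholder.
PFSENSE_WAN = "10.217.75.250"
UPSTREAM_GW = "192.0.2.1"

BEFORE = [
    ("10.217.75.0/24", "on-link"),   # the router's own (WAN-side) network
    ("0.0.0.0/0", UPSTREAM_GW),      # default route towards the Internet
]
# The static route the answer describes: reach 76.x via the pfSense WAN IP.
AFTER = BEFORE + [("10.217.76.0/24", PFSENSE_WAN)]


def next_hop(routes, dst):
    """Longest-prefix match: return (prefix, next_hop) chosen for dst."""
    addr = ipaddress.ip_address(dst)
    best = None
    for prefix, hop in routes:
        net = ipaddress.ip_network(prefix)
        if addr in net and (best is None or net.prefixlen > best[0].prefixlen):
            best = (net, hop)
    return (str(best[0]), best[1]) if best else None


def reaches_lan(routes, dst):
    """True when the router hands a packet for dst to pfSense."""
    hit = next_hop(routes, dst)
    return hit is not None and hit[1] == PFSENSE_WAN


if __name__ == "__main__":
    lan_pc = "10.217.76.20"  # constructed LAN host
    for name, table in (("before", BEFORE), ("after", AFTER)):
        print(name, next_hop(table, lan_pc), reaches_lan(table, lan_pc))
```

The route only delivers the packet to the pfSense WAN interface; a pass rule on that interface still decides whether it is forwarded to the LAN.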