Ask Your Question

Revision history [back]

Some weeks ago I have wrote an email to a Openstack user, Jose Castro, for having an opinion about my problem with pfSense and he found a solution.

You must add allowed_address_pairs to LAN pfsense port and everythingis working:

neutron port-update <LAN_pfsense_uuid> --allowed-address-pairs
type=dict list=true mac_address=<MAC_LAN_pfsense>,ip_address=0.0.0.0/0

With this port extension, neutron create a iptables rule that allow packets to LAN pfsense from any IP and everything is working.

Very thanks to Jose for solution of the problem