Our branch office is unable to connect to our internal network for some reason. However we can connect to the branch office domain controller from behind PfSense. The following is our setup:

                    |Branch DC - 192.168.0.101
                    |
                    |Branch Firewall - 192.168.0.2
                    |
                    |(Internet)
                    |
                    |Local Firewall - 192.168.3.1
                    |
                    |PFSense WAN port - 192.168.3.100
                    |PFSense LAN port - 192.168.1.1
                    |
                    |
   DC1 - 192.168.1.2|DC2 - 192.168.1.4

• Branch DC can ping and connect to PFSense WebGUI on the WAN port successfully (we set this up using the PfSense documentation).
• DC1 and DC2 can connect outbound to the Branch DC.

There seems to be a rule that prevents internal access on the WAN port. However our rules are set to allow all traffic on the LAN and WAN ports. It would be ideal to just disable the firewall altogether since we already have a firewall but when we do this, PfSense doesn't allow any internal traffic at all. I look forward to any assistance and thank you ahead of time.