When you ping LAN3 from LAN1 can you see the packets on pfSense 3 and do they have the correct IPs?
If yes, can you see them on the internal interface?
Windows 7 192.168.2.100/24 - can’t ping any other interfaces
The default pfSense LAN interface, 192.168.1.1/24, has a default firewall that passes ICMP just fine.
The OPT1 interface - or whatever name you gave it - has no GUI firewall rules. So, by default, nothing enters. That includes ICMP.
So, what firewall rule did you put on OPT1?
If I masquerade the remote networks on the central MikroTik behind the LAN interface, things work.
So the only two reasons for failing without that I can think of are:
the route doesn't work
the destination server itself blocks the access
Blocking access from outside its own subnet is the default behavior of system firewalls; however, a webserver should be configured to accept access from anywhere. I assume the server is accessible from the internet.
But honestly, I'm not sure that masquerading the remote LAN is a good practice.
The only drawback is that you cannot identify the real source address on the destination device, as long as you do the masquerading only for the remote LAN.
I'm 100% sure that there is no issue on the server side, because I created new VMs with basic configuration, and I cannot access anything over TCP, even a simple Debian + SSH.
OMG, I had the same issue and struggled to find a solution. I just saw your post (it would have been more helpful if I had had this information while struggling, haha), but very helpful! This worked for me too.
@Peter-Nunn Well, this is a high level description.
You need to understand how multiwan works and adapt it to your specific needs.
Questions are welcome.
@serbus Yeah, I thought about something involving different src IPs. I wouldn't even need something with RDP, could just set up a proxy and bounce the traffic off of that... but that's still a work-around. It's a better work-around than fiddling with the firewall rules though, and I already have a Raspberry Pi running my Unifi controller that would be perfectly fine to run nginx as a reverse proxy in front of one of the modems.
IMO, this should be something that's possible on a competent router/firewall, without involving any other equipment.