• Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login
Netgate Discussion Forum
  • Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login

Can't Ping with static IP address inter vlans

Scheduled Pinned Locked Moved Routing and Multi WAN
6 Posts 2 Posters 2.0k Views
Loading More Posts
  • Oldest to Newest
  • Newest to Oldest
  • Most Votes
Reply
  • Reply as topic
Log in to reply
This topic has been deleted. Only users with topic management privileges can see it.
  • S
    sousket
    last edited by Aug 2, 2016, 9:55 AM Aug 2, 2016, 9:50 AM

    Hello,

    i'm currently on setup with my lab, and i have a problem with routing multi VLAN.

    I have a server on OVH (with ESXi), so i have my public IP, and i just adding a failover IP with PFsense.

    On my PFsense, i have 3 VLANs :

    • LAN (just default LAN on 192.168.1.X).
    • VLAN10 (tag 10) : 10.0.10.20 - 200 with gateway 10.0.10.1 (but i don't have create a specific gateway on gateway menu). DHCP enable.
    • VLAN20 (tag 20) : 10.0.20.20 - 200 with gateway 10.0.20.1 (same as VLAN10). DHCP enable.

    Firewall rules are : VLAN10 to any, and VLAN20 to any

    On VLAN10, one DC : 10.0.10.20
    ON VLAN20, one server : 10.0.20.20

    On each i can ping from VLAN10 to VLAN20 when servers are on dynamics IP (and inversly).

    The problem is that when i change IP on static on windows (with same IP as dynamics), i can't ping any servers.

    from my DC (VLAN10), i can't ping my server on VLAN20 (and inversly).

    No firewalls enable on servers.

    Thx for your help !

    1 Reply Last reply Reply Quote 0
    • V
      viragomann
      last edited by Aug 2, 2016, 12:01 PM

      Have you also added the gateway to the host manually when changing to static IP?

      1 Reply Last reply Reply Quote 0
      • S
        sousket
        last edited by Aug 2, 2016, 12:18 PM Aug 2, 2016, 12:14 PM

        when i change IP from dynamic to static yes, i add :

        10.0.10.20
        255.0.0.0
        10.0.10.1

        and DNS himself because it's DC / DNS server (127.0.0.1).

        On my second server :

        10.0.20.20
        255.0.0.0
        10.0.20.1

        DNS : 10.0.10.20 (first server DC so).

        But ping is KO on static IP. Only working with dynamics IP (and same IP).

        Note : "Bypass firewall rules for traffic on the same interface" under System>Adv, Firewall/NAT is check.

        1 Reply Last reply Reply Quote 0
        • V
          viragomann
          last edited by Aug 2, 2016, 12:58 PM

          Your network mask is to large!
          So both clients think the other IP is in its own subnet and don't direct packet to the gateway.

          1 Reply Last reply Reply Quote 0
          • S
            sousket
            last edited by Aug 2, 2016, 1:21 PM

            Ho sorry !!! Yes after modification it's ok now :) !

            But now my problem is that on VLAN10 and VLAN20, i don't have internet access. When I ping 8.8.8.8 from my DC or the other one :

            ping 8.8.8.8 :
            Reply from 10.0.10.1: Destination host unreachable.

            To resume i can't exit from VLAN10 / 20 gateway :(

            1 Reply Last reply Reply Quote 0
            • V
              viragomann
              last edited by Aug 2, 2016, 1:29 PM

              Maybe the outbound NAT isn't working properly.

              I don't know if pfSense adds the outbound NAT rule correctly for vLANs or maybe your outbound NAT is set for manual rule generation. Check the rules in Firewall > NAT > Outbound.

              1 Reply Last reply Reply Quote 0
              6 out of 6
              • First post
                6/6
                Last post
              Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.
                This community forum collects and processes your personal information.
                consent.not_received