Intervlan communication
-
Hi,
I have these two systems, trying to communicate between VLANs (pfSense on IP - 10.0.xxx.3 on all VLANs)
System1
- IP 10.0.100.11, gateway 10.0.100.3 - VLAN100
- IP 10.0.80.11, VLAN80
- IP 10.0.40.11, VLAN40
- IP 10.0.30.11, VLAN30
- IP 10.0.20.11, VLAN20
System2
- IP 10.0.50.84 - gateway 10.0.50.3 - VLAN50
I have a rule
10.0.50.* to VLAN40 on VLAN40 interface (and 10.0.50.* IPs get to 10.0.40.11)
But I cannot seem to be able to make the reverse work, as it seems to travel on VLAN100 interface instead of VLAN40 or VLAN50, probably because of the default gateway of the related system (System1): I tried almost anything (on VLAN50, VLAN50 and VLAN100 interface), but cannot find a way to open the traffic from the System1 10.0.40.11 IP to 10.0.50.* IPs.
Is there a way to solve this?
-
@Urbaman75 did you configure a static route?
AFAIK that would be needed, since two systems (routers) are part of that 10.0.X. network.
Here: https://docs.netgate.com/pfsense/en/latest/routing/static.html
-
Adding a
- IP 10.0.50.11, VLAN50
on System1 solved the problem, actually adding a route on the right VLAN instead of going through the default (VLAN100)
Thank you!
-
@Urbaman75 glad you could bring it to life...;) thanx for your feedback.
-
@Urbaman75 said in Intervlan communication:
solved the problem, actually adding a route on the right VLAN instead of going through the default (VLAN100)
I am not sure how you have these systems connected together or how your network is all connected.. But if you have two routers.. And you have different networks hanging off them.. To get to networks on the different router, the routers should be connected via a transit/connector network.. And the appropriate routes set up on each, with the appropriate firewall rules on the transit and your other vlans to control who can talk to who etc..
A transit network is a network that connects routers and does not have hosts on it, used to transit from one router to another.
Simple drawing of such a setup.
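
Added example, not part of any post in this thread: a longest-prefix-match lookup over System1's addresses, showing why traffic to 10.0.50.84 left through the VLAN100 default gateway and why adding 10.0.50.11 on VLAN50 changed the path. The /24 masks and all function names are assumptions; the thread gives only the addresses.

```python
import ipaddress

# Addresses from the thread; the /24 masks are an assumption (no masks are posted).
SYSTEM1_IFACES = {
    "VLAN100": "10.0.100.11/24",
    "VLAN80": "10.0.80.11/24",
    "VLAN40": "10.0.40.11/24",
    "VLAN30": "10.0.30.11/24",
    "VLAN20": "10.0.20.11/24",
}
DEFAULT_GW = ("VLAN100", "10.0.100.3")
# System1 after the fix described in the thread.
FIXED_IFACES = dict(SYSTEM1_IFACES, VLAN50="10.0.50.11/24")


def build_routes(ifaces, default_gw):
    """One connected route per interface address, plus the default route."""
    routes = [(ipaddress.ip_interface(c).network, n, None) for n, c in ifaces.items()]
    routes.append((ipaddress.ip_network("0.0.0.0/0"), default_gw[0], default_gw[1]))
    return routes


def lookup(routes, dst):
    """Longest-prefix match: (egress interface, next hop or None when on-link)."""
    dst = ipaddress.ip_address(dst)
    matches = [r for r in routes if dst in r[0]]
    _, iface, gw = max(matches, key=lambda r: r[0].prefixlen)
    return iface, gw


def path_report(ifaces, default_gw, src, dst):
    """How a packet src -> dst leaves the host, flagging the case where the
    egress interface is not the one that owns the source address."""
    egress, gw = lookup(build_routes(ifaces, default_gw), dst)
    owner = next(n for n, c in ifaces.items()
                 if str(ipaddress.ip_interface(c).ip) == src)
    return {"egress": egress, "next_hop": gw,
            "src_iface": owner, "mismatch": egress != owner}


if __name__ == "__main__":
    # Before: source on VLAN40, but only the default route matches 10.0.50.84.
    print(path_report(SYSTEM1_IFACES, DEFAULT_GW, "10.0.40.11", "10.0.50.84"))
    # After: the connected 10.0.50.0/24 route wins over the default route.
    print(path_report(FIXED_IFACES, DEFAULT_GW, "10.0.50.11", "10.0.50.84"))
```

With the VLAN50 address in place the two hosts talk on-link, so that traffic no longer crosses pfSense and its rules no longer filter it.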