Netgate Discussion Forum

    Traffic flows to wan not other subnet

      greatbush

      Good day

      I am having issues routing traffic between different subnets

      ea3a541f-e5ea-4f34-98f9-962a634a8ee9-image.png

      Switch A = Unifi
      Switch B = Cisco

      The Cisco is a layer 3 switch. It has multiple VLANs with their IP addresses.
      I have set a default route on the switch to 10.20.160.6
      On the Cisco switch I created VLAN 160, 10.20.160.6 and VLAN 10.
      VLAN 10 does not have an IP but both are assigned tagged to port 1 on the Cisco switch

      On pfSense I created an interface for the Cisco switch and the IP address I gave this interface is 10.20.160.6.

      Now the issue I am having is that traffic from switch B goes into the internet but I can't get that same traffic to reach any of the other interfaces eg (storage).

      I have spent several days trying to fix this issue. I have allowed rules to allow traffic from switch b interface (VLAN 160) and interface server (VLAN 10, my server interface)

      I don't understand why traffic is reaching the internet but not other gateway on pfSense?
      Do I need to create another gateway on pfSense?

      system > routing > gateway?
      system > routing > static routes??

      Thank you

        Wyatt341 @greatbush

        It seems that the problem lies in the internal routing between VLANs not being set up properly on pfSense. Although traffic from switch B can go out to the internet (because the default route is configured), if the static routes or firewall rules in pfSense do not allow traffic to go to other internal networks (for example VLAN 10 - storage), the packets will not reach their destination. You should check the System > Routing > Static Routes section to make sure that pfSense knows how to route to other internal subnets, and also verify in the Firewall Rules that traffic between VLANs is allowed to pass.

          greatbush @Wyatt341

          @Wyatt341 There is nothing under System > Routing > Static Routes.
          I am pretty sure it's not firewall rules because when I look at the firewall logs I can see traffic being let through

            chpalmer @greatbush

            @greatbush

            Need more information. Are you trying to route the multiple subnets on the pfSense device, the Ubiquiti device or on the Cisco device?

            Seems from your picture you are just using the pfSense device as a multiple WAN "failover" style device.

            What is the purpose of the UniFi device? What model is the UniFi device?

            Same questions for the Cisco device.

            Triggering snowflakes one by one..
            Intel(R) Core(TM) i5-4590T CPU @ 2.00GHz on an M400 WG box.

              greatbush @chpalmer

              @chpalmer
              I am trying to route the subnets through the pfSense device. I replaced the Cisco switch with another UniFi switch. Both models are Unifi USW-24-G1.
              I have a successful ping from devices connected to switch-b (10.20.160.x) to the gateway on pfSense (10.20.160.6)

              @Wyatt341
              switch a interface: 172.16.20.1/24
              switch b interface: 10.20.160.6/24
              I am trying to create a route from switch a to switch b

              System > Routing > Gateway
              interface: switch-b interface
              gateway: ?? (the IP address I gave switch-b interface 10.10.160.6 or can this be another IP address on the same subnet and must this be a physical device)

              System > Routing > Static Routes
              Destination Network: Switch A IP (172.16.20.0/24)
              Gateway: gateway defined above on the Cisco switch

                greatbush @greatbush

                @greatbush I created a gateway (System > Routing > Gateway) for switch b. The address I used is the interface IP address 10.10.160.6.
                I created a rule from the 172.x.x.x. to the 10.x.x.x.x network and specified the gateway I created to be used. I still don't see traffic going through

                  chpalmer @greatbush

                  @greatbush You have to route somewhere.. In my mind that appears like your switch "a" is in place to do that.

                  Otherwise the pfsense box has to have a VLAN set up on the LAN interface that is connected to switch A so that it knows that subnet is there to route.

                  Share your LAN settings of your pfsense box. All of them that are related. The forum crystal ball is broken.

                  Screenshots are best.

                  Triggering snowflakes one by one..
                  Intel(R) Core(TM) i5-4590T CPU @ 2.00GHz on an M400 WG box.
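
Added example (not code from any poster in this thread, and not pfSense's own logic): a small Python model of the route lookup the thread is circling around. It shows that subnets attached directly to the firewall need no static route, that a subnet behind a downstream router falls through to the default route (WAN) until a static route exists, and it sanity-checks a gateway entry against its interface. The interface names, the WAN default and 10.20.10.0/24 are assumptions; the other addresses are the ones quoted in the posts.

```python
import ipaddress

# Constructed model: interface addresses are the ones quoted in the thread,
# interface names and the WAN default route are assumptions.
CONNECTED = {
    "SWITCH_A": ipaddress.ip_interface("172.16.20.1/24"),
    "SWITCH_B": ipaddress.ip_interface("10.20.160.6/24"),
}
DEFAULT_ROUTE = (ipaddress.ip_network("0.0.0.0/0"), "WAN")


def lookup(dst, static_routes=()):
    """Longest-prefix match over connected, static and default routes.

    static_routes is an iterable of (cidr_string, outgoing_interface).
    """
    dst = ipaddress.ip_address(dst)
    table = [(iface.network, name) for name, iface in CONNECTED.items()]
    table += [(ipaddress.ip_network(cidr), out) for cidr, out in static_routes]
    table.append(DEFAULT_ROUTE)
    matches = [(net, out) for net, out in table if dst in net]
    return max(matches, key=lambda m: m[0].prefixlen)[1]


def check_gateway(iface_name, gateway):
    """Return a list of problems with a gateway defined on an interface."""
    iface = CONNECTED[iface_name]
    gw = ipaddress.ip_address(gateway)
    problems = []
    if gw not in iface.network:
        problems.append(f"{gw} is outside {iface.network}")
    if gw == iface.ip:
        problems.append(f"{gw} is the firewall's own address, not a next hop")
    return problems


if __name__ == "__main__":
    # 10.20.10.5 stands for a host on a subnet routed by a downstream
    # layer 3 switch (constructed address, not from the thread).
    for dst in ("172.16.20.50", "10.20.160.25", "10.20.10.5", "8.8.8.8"):
        print(dst, "->", lookup(dst))
    print("with static route:",
          lookup("10.20.10.5", [("10.20.10.0/24", "SWITCH_B")]))
    for gw in ("10.10.160.6", "10.20.160.6", "10.20.160.1"):
        print(gw, check_gateway("SWITCH_B", gw) or "ok")
```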

                  Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.