No WAN access from certain VLANs
-
Hi Guys,
This is a strange one…
I have 3 machines on separate VLANs:
CentOS 1: VLAN 8 (10.31.3.0/24)
CentOS 2: VLAN 10 (10.31.5.0/24)
Windows: VLAN 12 (10.31.7.0/24)
All VLANs have "any any any" rules to allow access, and therefore all VLANs have the same firewall settings.
VLAN 10 can access the WAN. The others cannot; VLANs 8 and 12 can access each other's VLANs but not the WAN.
I have been pulling my hair out about this, I am sure it is something simple, but I can't see what it is!
I should also note, I am running CARP with two pfSense boxes on two separate switches (with 2 x WAN).
CentOS 1 has network bonding on the interface, so I thought this might be a problem, but the Windows machine has only 1 NIC enabled and has the same problems.
Any input would be much appreciated!
-
You mention multi-wan, are you by chance also using AON/Manual Outbound NAT?
If so, do you actually have outbound NAT rules defined for the vlan 8 and vlan 12 networks?
-
Ahhh I knew it was something simple like that!
I had 10.30.1.0/24 outbound which I changed to 10.0.0.0/8
:o that's a shocker! Thank you!
-
You're welcome :)
I'm glad it was such an easy fix!
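-
The cause found in this thread, as an added example that is not part of the original posts: with manual outbound NAT, a subnet only gets translated on a WAN if a rule on that WAN has a source network containing it. The rule lists below are constructed; the WAN names and the 10.31.5.0/24 rule are assumptions, since the thread does not show the full rule set.

```python
import ipaddress

# VLAN subnets as given in the thread.
VLANS = {
    "VLAN 8": "10.31.3.0/24",
    "VLAN 10": "10.31.5.0/24",
    "VLAN 12": "10.31.7.0/24",
}
WANS = ["WAN1", "WAN2"]  # assumed interface names for the 2 x WAN setup

# Constructed rule lists: (interface, source network).
RULES_BEFORE = [
    ("WAN1", "10.30.1.0/24"), ("WAN2", "10.30.1.0/24"),
    ("WAN1", "10.31.5.0/24"), ("WAN2", "10.31.5.0/24"),  # assumed rule
]
RULES_AFTER = [("WAN1", "10.0.0.0/8"), ("WAN2", "10.0.0.0/8")]


def contains(src, subnet):
    """True if subnet lies entirely inside src (same IP version only)."""
    return src.version == subnet.version and subnet.subnet_of(src)


def uncovered(vlans, wans, rules):
    """List (vlan, wan) pairs that no outbound NAT rule source covers."""
    parsed = [(wan, ipaddress.ip_network(src)) for wan, src in rules]
    gaps = []
    for name, cidr in vlans.items():
        subnet = ipaddress.ip_network(cidr)
        for wan in wans:
            if not any(w == wan and contains(src, subnet) for w, src in parsed):
                gaps.append((name, wan))
    return gaps


def extra_addresses(vlans, rule_src):
    """Addresses a rule source translates beyond the defined VLAN subnets."""
    src = ipaddress.ip_network(rule_src)
    nets = [ipaddress.ip_network(c) for c in vlans.values()]
    return src.num_addresses - sum(n.num_addresses for n in nets if contains(src, n))


if __name__ == "__main__":
    print("before:", uncovered(VLANS, WANS, RULES_BEFORE))
    print("after: ", uncovered(VLANS, WANS, RULES_AFTER))
    print("10.0.0.0/8 also matches", extra_addresses(VLANS, "10.0.0.0/8"), "other addresses")
```

The last figure shows how much wider a /8 source is than the three VLAN subnets; one rule per VLAN subnet gives the same coverage with a narrower match.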