Communication Between LANs
-
I'm running version "1.2.3-RELEASE" with a single WAN and I have 2 LANs named LAN and LAN2. LAN is 10.0.0.200/24 and LAN2 is 192.168.1.1/28. I have an alternative DHCP server under LAN which dishes out 10.0.0.100-200 so DHCP for this interface is off in pfSense. On LAN2, DHCP is on using pfSense's DHCP server with a range of 192.168.1.2-14. I have outbound NAT configured for both subnets, and both can get on the internet. I've set up firewall rules to allow traffic from LAN to LAN, but I still cannot get them to "talk", even after a reboot. Here are screenshots for the different firewall rules.
I've tried using ping straight from pfSense in diagnostics in the web interface and I cannot ping across LANs. "Request timed out." Looking at the routing table, everything is there and seems to be right, so I figure it's got to be a firewall issue. Any help is greatly appreciated. Thanks!
-
Why did you add the second rule on each interface?
If you did it off the bat without trying the top rule, remove them.
-
I just tried it by leaving only the top rules, and then by removing all rules on LAN2, but still keeping the top rule on "LAN". None of which let me ping from subnet to subnet. Just for the record, I'm trying to ping the IP addresses of the NICs on the pfSense router.
-
I've found that with only the top rule on both, I can ping a node on the LAN subnet from the LAN2 subnet in the pfSense interface, however, I cannot ping the gateways. And when I actually go to a node in the LAN2 subnet, I cannot ping anything in the LAN subnet.
-
With the top two rules you should be able to ping pfSense. Your second LAN is a /28, is that what you wanted?
-
Yes. This whole configuration was just for learning purposes. I wanted to see if I could get a bunch of random networks with different subnets to communicate with one another. I finally assumed that there was some underlying problem, so I set up an additional router from a fresh install. It had 3 NICs. LAN was 192.168.1.1/28, WAN was 10.0.0.39/24, and OPT1 was 192.168.1.16/28. I got everything in the entire building to communicate seamlessly, but I couldn't get RIPv2 to populate the routing tables, and I had to configure static routes. Anyway, I don't know what the problem is with the router, but I got it to work fine on another, even more complicated setup. Thank you for the help.
-
Glad you got it figured out.
Next time, please let us know that this is for testing/learning purposes.
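
An addressing-plan sanity check for the two setups described in this thread, added here as an example and not posted by any participant. It flags interface addresses that land on a subnet's network or broadcast address, DHCP pools that contain the router's own interface address, and overlapping subnets. The function names and the plan layout are hypothetical; the addresses are the ones quoted in the posts.

```python
import ipaddress

# (interface name, address/prefix, DHCP pool or None), values as quoted in the thread
FIRST_ROUTER = [
    ("LAN", "10.0.0.200/24", ("10.0.0.100", "10.0.0.200")),
    ("LAN2", "192.168.1.1/28", ("192.168.1.2", "192.168.1.14")),
]
SECOND_ROUTER = [
    ("LAN", "192.168.1.1/28", None),
    ("WAN", "10.0.0.39/24", None),
    ("OPT1", "192.168.1.16/28", None),
]

def audit_interface(name, cidr, pool=None):
    """Return findings for one interface address and its optional DHCP pool."""
    iface = ipaddress.ip_interface(cidr)
    net = iface.network
    findings = []
    if iface.ip == net.network_address:
        findings.append(f"{name}: {iface.ip} is the network address of {net}")
    if iface.ip == net.broadcast_address:
        findings.append(f"{name}: {iface.ip} is the broadcast address of {net}")
    if pool:
        lo, hi = (ipaddress.ip_address(a) for a in pool)
        if lo not in net or hi not in net:
            findings.append(f"{name}: DHCP pool {lo}-{hi} leaves {net}")
        if lo <= iface.ip <= hi:
            findings.append(f"{name}: DHCP pool {lo}-{hi} includes interface {iface.ip}")
    return findings

def audit(plan):
    """Audit every interface, then report any pair of overlapping subnets."""
    findings = [f for name, cidr, pool in plan
                for f in audit_interface(name, cidr, pool)]
    nets = [(name, ipaddress.ip_interface(cidr).network) for name, cidr, _ in plan]
    for i, (a, net_a) in enumerate(nets):
        for b, net_b in nets[i + 1:]:
            if net_a.overlaps(net_b):
                findings.append(f"{a} {net_a} overlaps {b} {net_b}")
    return findings

if __name__ == "__main__":
    for label, plan in (("first router", FIRST_ROUTER), ("second router", SECOND_ROUTER)):
        print(label)
        for line in audit(plan) or ["no findings"]:
            print("  " + line)
```

A finding here is a prompt to double-check the addressing, not a diagnosis of the ping failure discussed above.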