LAN-only gateway for static route
-
I'm currently using version 2.0-RC1 (i386) built on Tue May 3 05:44:10 EDT 2011
I have a static route that points to a gateway on the LAN side of pfSense. The gateway to get to the Internet is a separate one that is on the WAN side. It seems that at some point overnight pfSense starts trying to send Internet-bound packets to the gateway that's on the LAN instead of the normal one on the WAN. I assume that since I've added this second gateway (which is on the LAN), pfSense is treating this like a dual-WAN setup and is losing contact with the normal Internet gateway at some point, causing it to start trying to use the second gateway (which isn't actually an Internet gateway) instead. Is there a way for me to add static routes involving a LAN-side gateway without this gateway being treated like a dual-WAN setup?
-
Sorry, I forgot to mention why I believe that pfSense is sending packets to the LAN-side gateway instead of the WAN-side gateway.
When this happens, people start to report that they can no longer reach the Internet. What ended up putting me on this track was that from a LAN-side client I ran 'traceroute -n yahoo.com'. The first hop went to pfSense, which is normal, but rather than the second hop being to my WAN gateway, the second hop was the LAN-side gateway. The LAN-side gateway uses pfSense as its default gateway, so it passes it back to pfSense, which passes it back to the LAN-side gateway, and so on in a loop until the TTL is reached.
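
The ping-pong pattern described in the post above can be detected mechanically from `traceroute -n` output. The following is an added example, not part of the original thread; the sample output and all addresses in it are constructed (10.1.0.1 is assumed for pfSense's LAN address and 10.1.0.254 for the LAN-side gateway).

```python
import re

# Constructed sample of `traceroute -n` output showing the loop from the post.
# Assumed addresses: 10.1.0.1 = pfSense LAN side, 10.1.0.254 = LAN-side gateway.
SAMPLE = """\
traceroute to yahoo.com (203.0.113.10), 30 hops max, 60 byte packets
 1  10.1.0.1  0.412 ms  0.380 ms  0.371 ms
 2  10.1.0.254  0.655 ms  0.640 ms  0.612 ms
 3  10.1.0.1  0.830 ms  0.799 ms  0.801 ms
 4  10.1.0.254  1.020 ms  1.004 ms  0.998 ms
 5  10.1.0.1  1.250 ms  1.231 ms  1.228 ms
 6  * * *
"""

# A hop line starts with the hop number followed by an IPv4 address.
# The header line and timed-out hops ("* * *") do not match and are skipped.
HOP_RE = re.compile(r"^\s*(\d+)\s+(\d{1,3}(?:\.\d{1,3}){3})\s")


def parse_hops(text):
    """Return [(hop_number, address), ...] for hops that answered."""
    hops = []
    for line in text.splitlines():
        m = HOP_RE.match(line)
        if m:
            hops.append((int(m.group(1)), m.group(2)))
    return hops


def find_loop(hops):
    """Return (hop_number_of_first_repeat, [addresses in the cycle]) or None.

    A router answering at two different TTLs means the packet came back to
    it, i.e. the routers in between are forwarding to each other.
    """
    first_seen = {}
    for idx, (hop_no, addr) in enumerate(hops):
        if addr in first_seen:
            cycle = [a for _, a in hops[first_seen[addr]:idx]]
            return hop_no, cycle
        first_seen[addr] = idx
    return None


if __name__ == "__main__":
    result = find_loop(parse_hops(SAMPLE))
    if result:
        print("loop first visible at hop %d between: %s" % (result[0], ", ".join(result[1])))
```
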
-
Try putting no gateway on the LAN side.
What is the reason for specifying a LAN-side gateway in pfs?
-
I have a testing network that I need to keep somewhat separate from the LAN. The only reason I need pfSense to even know about this network is that we have people who need to PPTP in on the WAN and be able to talk to machines on this test network.
Basically it looks like: Internet -> pfSense -> LAN network (10.1.0.0/24) -> Gateway -> Test network (10.2.0.0/24)
If I could convince the VPN users to switch to OpenVPN, then I suppose I could push routes rather than rely on pfSense having the static routes, but they feel they know PPTP and they're scared to try something new. I also tried just telling people that they had to manually add a route to the test network after bringing up the PPTP connection, but that was too much for too many of the remote users to handle.