Netgate Discussion Forum

    Strange issue with static routes

    • KeepGood

      Hi all,

      I'm having a bit of a problem on my network(s) and I'm hoping someone can help me out.  I'll try to explain what's been happening.  Recently my network fell apart.  Both my girlfriend's and a friend's routers died; they were both Netgear FVS318 VPN routers.  I've been using pfSense for ages and I'm slowly getting all of my friends to convert. In the meantime I'm having to get the network back up and running using any means necessary.  The only routers I had spare were some DLink units running DD-WRT so I'm using them to make the connections I need.  Previously each network was connected by IPSec.  The DD-WRT units have PPTP capabilities.  This is the config of our networks.
      Network 01:

      Router = pfSense 2.0-RC3
      IP = 192.168.1.1/24

      Network 11:

      Router = pfSense 2.0-RC3
      IP = 192.168.11.1/24

      Network 18:

      Router = DD-WRT v24
      IP = 192.168.18.1/24

      Network 25:

      Router = DD-WRT v24
      IP = 192.168.25.1/24

      Network 01 is the main site that all of the other networks need to access.  At this point the other networks do not need a direct connection to each other.  The two pfSense units are connected via IPSec VPN. Network 01's router is also running a PPTP server for the DD-WRT units to connect to.  I found that DD-WRT would connect to the pfSense box and resources on the pfSense network were accessible but resources on the DD-WRT network were not.  On Network 01's pfSense box I added some static routes and gateways to allow traffic to be correctly routed back to the DD-WRT networks via the PPTP connections.  This works well and traffic is now crossing between networks happily.  This is where my problem occurs.  When the second pfSense box connects via IPSec, the routes to the DD-WRT network stop working.  If I go into System > Routing > Gateways and click edit on any of the gateways, then save, without making any changes, the routes start working again but the IPSec connection stops working.

      Can anyone shed any light on why this could be happening?

      Thanks in advance.

      KeepGood

      • KeepGood

        As additional info, when trying to ping another network from Network 01 I get …

        Reply from 192.168.1.1: TTL expired in transit.

        I'm updating pfSense as each snapshot is released in the hope this problem is solved, but no joy so far.

        • wallabybob

          @KeepGood:

          Reply from 192.168.1.1: TTL expired in transit.

          That suggests to me a routing problem. It would probably help to draw a diagram of your network and check that each system on all the paths of interest is able to forward packets correctly - you might need some additional routes.

          The traceroute tool might also be useful to help determine if your routing is correct.
