Cannot ping another subnet? (SOLVED)
-
You have a host with an interface configuration of 10.10.2.86/21. Its broadcast address is 10.10.7.255.
you mean 10.10.2.255?
Quick question how come its possible with iptables they can ping each other by adding the rules.
Also Maybe im missing something by adding maybe a static route. Because the user gets the IP from the windows server DHCP 10.10.2.86 with subnet of 255.255.248.0 and gateway pfsense 10.10.1.218. I also logged the packets I can see the allows.
Thank you
-
-
you mean 10.10.2.255?
nope.
10.10.2.86/21 also means:
| Network address: | 10.10.0.0 |
| Host-IPs from: | 10.10.0.1 |
| Host-IPs to: | 10.10.7.254 |
| Broadcast address: | 10.10.7.255 |
| |
| # of hosts: | 2046 |… how come its possible with iptables they can ...
In a broken setup like yours everything's possible. It's unpredictable.
That is why Derelict tells you like a mantra: get your network fixed first.
I have veneration for him doing so over-and-over again. -
ah, NOW I see your problem: the PC is missing, that's why you can't ping to/from it! ;D ;D ;D ;D ;D
 -
You have a host with an interface configuration of 10.10.2.86/21. Its broadcast address is 10.10.7.255.
you mean 10.10.2.255?
No, I mean 10.10.7.255. That is the IP broadcast address for a host configured with 10.10.2.86/21. Don't believe me, how about my handy calculator?
And it doesn't matter. 10.10.1.255 != 10.10.2.255 either.
Quick question how come its possible with iptables they can ping each other by adding the rules.
Don't know don't care. That design is broken. I don't hassle making broken configs "work". I fix them.
 -
thanks for the replies,
alright so let me start from scratchSo all the servers will be on the 10.10.1.0/24
pfSense will have an Ip of 10.10.1.218 the gateway
with LAN 10.10.1.218/24
Then the windows server 2012r2 which has an ip of 10.10.1.200
gives out the DHCP of 10.10.2.0/24So would i need to reconfigure my DHCP scope?
So i setup a separate test environment
internet–----pfSense-------switch-----computer static ip 10.10.2.86/24
I see the arp but when i try to ping nothing :(
Thank you
-
Dude.
Then the windows server 2012r2 which has an ip of 10.10.1.200 gives out the DHCP of 10.10.2.0/24
10.10.1.0/24 and 10.10.2.0/24 need to be different network segments. THEY CANNOT SHARE THE SAME WIRE (aka broadcast domain) if you want the network to behave in a sane fashion.
-
Dude.
Im so sorry im not sure why im so confused if its this week..
Alright i got that it has to be a different segment which he has it right now as 10.10.2.86 with subnet of 255.255.248.0
So not sure what I need to change or am i overthinking it?
Thank you and sorry for being so retarded :(
-
Two different segments - two different pfSense interfaces (physical or VLAN). with routing between 10.10.1.0/24 and 10.10.2.0/24.
Like I said that network needs a complete redesign.
-
WELLL i feel like an idiot….all i had to do is change pfSense LAN to /21 .....i dont know why i complicated myself something so simple..
Thanks again
-
SMH
-
its those days that nothing works out…But now that i told my friend to change the whole network hes going back to 192.168.1.1/24 and putting VLANS so the network does not get congested
Thanks again
-
If you're going to renumber and redesign, take the opportunity to get off 10/8 and 192.168.0.0 and 192.168.1.0/24.
For VPN purposes, it's better to be on networks that do not conflict with a billion or so other networks worldwide.
A couple random choices:
172.28.95.0
192.168.213.0 -
Good idea Will take your advice :)
