2 lan routing issue
-
You said your VPN info is empty, but is it disabled? I believe my problem at one time was that it was enabled even though I believe I felt like I removed all info. This is a really interesting problem. Like you have said before, this should be a fairly straightforward setup. If you look at the ARP table on your clients, do the entries for 192.168.0.35 match the actual MAC address of your firewall's interface?
-
I have my laptop on the 192.168.0.0/24 network, I can ping 192.168.1.1 from here, I checked the MAC with the physical MAC and they do match….
I can't find a way to make sure it is turned off, I checked through the 3 options under VPN and all are empty.
-
Here is something interesting, I just ran Advanced IP Scanner….. It does not show a MAC for the 192.168.1.1 adapter, now that is odd, it shows others in the other ranges.
ARP table shows the MAC, so it would seem something is blocking something external to the pfSense box.....
Just moved the adapter address to 192.168.2.1, same thing, no MAC shown using Advanced IP Scanner.
I am going to swap out the port for another one on the same card tomorrow, will try that and report back.
-
I could not wait, I moved the port over to the spare, still not working….. something has to be blocking it. I have no idea what it is.
-
Unless you added block floating rules, it's not possible for Diag>Ping traffic to be blocked; it's the device in question not replying to off-subnet traffic. Switch is probably a good one to troubleshoot with since it shouldn't have a local firewall of any sort, though verify that's the case. It's probably statically configured, so make sure it has the correct 255.255.255.0 subnet mask, and has the gateway set to 192.168.1.1. And make sure you don't have anything conflicting on 192.168.1.1.
-
I did run a program to check over all networks in question, just in case something was wild on my network. I am finding no devices flaring around that are not meant to be there, so no conflicts. My switch is set for the right network, gateway is also set correctly.
I am going to try as you suggested earlier and put a laptop on that network and see what happens with it. I appreciate all the help I am getting…. Thank you all!
-
I did a factory reset on the router this evening, now traffic is passing in both directions! YAH…. Progress. Obviously, there was some issue with the config file; what, I do not know.
There are hardly any rules on this fresh setup, the basic allow all to any rules on both networks are in place, as was before. I am going to start feeding my old rules back in, one at a time and see what breaks it.
Should be fun to do, seeing as I am going to read them off of the config file to put them back.. lol
The only thing I can think of, is this router has had hardware changes and upgrades, the config originally came off of another unreliable router I had, possibly the reason for this?
Anyway, got some work to do...
-
Congrats, keep us updated.
-
"It does not show a MAC for the 192.168.1.1 adapter, now that is odd, it shows others in the other ranges."
Huh???
Why are we talking about this… This is 2 seconds to troubleshoot..
This is your network?? See attached.. Are you plugging em0 and em1 into the same switch? You have different switches?
Can devices on each network ping pfsense IP in that network? Is that IP of pfsense set as their default gateway? You're saying device on network A cannot ping device on B, but B can ping A?
Why don't you sniff on pfsense and validate your traffic is sent to the client you're trying to get to.. Does that client answer back? Your firewall rules for lan1 and lan2 look open.. So either you have client firewall blocking the traffic. Or a wrong mask, or wrong gateway, etc.. Or you're trying to run different L3 over the same L2 and have some sort of async issue going on?
So please state how these networks are connected to pfsense, and what devices are connected in each network. And what the clients' settings are.. You mention another DHCP server - sure it's handing out the right gateway??
This is quite often a local firewall issue.. Clients not allowing traffic from other than the local network.
-
Thanks for the reply, but I resolved the issues with a reload of pfsense.