Routing between interfaces
-
Local firewalls, perhaps? What devices are we talking about here?
-
No firewalls in place on connected devices as part of troubleshooting.
LAN can all ping within LAN
OPT1 can all ping within OPT1
Example: 192.168.2.3 can ping 192.168.2.250, 192.168.2.3 can also ping 192.168.4.1 but not 192.168.4.52
Example 192.168.4.52 (zoneminder) can ping 192.168.4.54 (camera). 192.168.4.52 can also ping 192.168.4.1, 192.168.2.1 but NOT 192.168.2.250
Windows 192.168.2.250 ICMP 192.168.4.52 -> PFSense 192.168.2.1 -> 192.168.4.1 -> notta.
I just decided to do a trace route on my Windows host. It seems the routes are not working.
When I attempt to traceroute to 192.168.4.52 it goes out to my internet connection.
Traceroute 192.168.4.1 and it's instant.
Okay so why is PFSense redirecting traffic to my WAN for that IP?
-
Check the netmasks on all your pfSense interfaces. They should probably be /24 and are likely /32.
Are you using policy routing (Setting gateways on LAN/OPT1 rules)?
-
Everything is /24 for the full 192.168.2/4.x subnets
Yes, I have the LAN interface set to go through the WAN_DHCP gateway and Guest network to go through the OVPN Client for its gateway.
-
Rules:
-
What you are seeing is normal and expected.
https://doc.pfsense.org/index.php/Bypassing_Policy_Routing
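
The behaviour behind that link, as an added example that is not part of the thread or of pfSense itself: a simplified first-match model of firewall rules where a rule with a gateway set overrides the routing table. The `Rule` class, the `egress` function and the bypass rule's destination are assumptions for illustration, the addresses are the ones quoted in the thread, and traffic to the firewall's own addresses is not modelled.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional

# Directly connected networks, using the /24s the poster reported (constructed model).
CONNECTED = {
    "LAN": ipaddress.ip_network("192.168.2.0/24"),
    "OPT1": ipaddress.ip_network("192.168.4.0/24"),
}

@dataclass
class Rule:
    dst: str                 # destination network this pass rule matches
    gateway: Optional[str]   # None = no gateway set, routing table decides

def egress(dst_ip: str, rules: list) -> str:
    """Where a packet arriving on LAN for dst_ip is sent (hypothetical helper)."""
    ip = ipaddress.ip_address(dst_ip)
    for rule in rules:                      # first matching rule wins
        if ip in ipaddress.ip_network(rule.dst):
            if rule.gateway is not None:
                # Policy routing: packet is forced to the gateway and the
                # routing table (including connected subnets) is never consulted.
                return rule.gateway
            break                           # matched a rule without a gateway
    else:
        return "blocked"                    # no rule matched: default deny
    for name, net in CONNECTED.items():     # ordinary routing table lookup
        if ip in net:
            return name
    return "default route"

# The LAN rule as described in the thread: everything goes to WAN_DHCP.
policy_only = [Rule("0.0.0.0/0", "WAN_DHCP")]

# Same rule with a bypass placed above it: local destination, no gateway.
with_bypass = [Rule("192.168.4.0/24", None), Rule("0.0.0.0/0", "WAN_DHCP")]

if __name__ == "__main__":
    for label, rules in (("policy only", policy_only), ("with bypass", with_bypass)):
        for dst in ("192.168.4.52", "203.0.113.10"):
            print(f"{label:12} {dst:14} -> {egress(dst, rules)}")
```

The bypass rule is also a pass rule between the two segments, so its source and destination should be scoped to the hosts and ports that actually need to talk.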
-
How do I enforce just my guest network uses the OVPN Client gateway without it? When I use default, WAN connectivity is gone.
-
What I mean is if I set my outbound rules to default there is no WAN connectivity on the LAN anymore with that PIA rule enabled.
-
You probably need to check "Don't pull routes" on your PIA client.
There are probably a thousand threads on this, bro.
-
Slaps hand on head. Yup. That's it.
Thanks so much, honestly I had no idea what to search for to figure out this mess.
-
"PIA"