PfSense Box cant ping LAN
-
So the internal IP of pfSense is 192.168.1.100, but your PC is in 192.168.10.0/24 subnet?
-
@viragomann nah the internal ip of the pfsense box is 192.168.1.1
-
If you want a LAN subnet of 192.168.10.0/24 then your pfSense router's LAN interface needs to be in the 192.168.10.x range... not in the 192.168.1.x range.
Like @viragomann said, it sounds like you've got the PC in one subnet & the router in a different one.
Is the 192.168.1.100 supposed to be your WAN? This doesn't make sense to me
-
@lburr said in PfSense Box cant ping LAN:
If you want a LAN subnet of 192.168.10.0/24 then your pfSense routerās LAN interface needs to be in the 192.168.10.x rangeā¦ not in the 192.168.1.x range
According to the sketch, there's a router in between. That should allow pinging between subnets. Also, the OP said he couldn't even ping the router, IIRC.
PfSense running on Qotom mini PC
i5 CPU, 4 GB memory, 32 GB SSD & 4 Intel Gb Ethernet ports.
UniFi AC-Lite access pointI haven't lost my mind. It's around here...somewhere...
-
@JKnott @lburr Nah guys I have a pfsense router connected to the internet then on
LAN - I Have an ISP provided router - This Assignment has a static ip of 192.168.1.1
OPT - I have my PC - This assignment has a static ip of 192.168.10.1My PC = 192.168.10.100
My Router connected to the PFSENSE = 192.168.1.100My PC can ping both assignment static IPs i believe they are called gateways (192.168.1.1 and 192.168.10.1)
Hope this clears things up
Thanks
-
@jknott said in PfSense Box cant ping LAN:
According to the sketch...
What sketch? I only see a mess of 3-lines ASCII.
Useful ASCII sketches are prepared for copy&paste here: https://forum.netgate.com/topic/19017/netzwerk-diagramme-zum-einfĆ¼gen-in-eigene-posts
Don't worry it being the German part of this forum. The beauty of a sketch is that it's universal to understand. -
@jahonix I'm glad I wasn't the only one confused by his sketch, using a sketch like your link shows is way easier to understand.
-
How are you testing this ping and what's the actual returned error?
pfSense should always be able to ping those as it has interfaces in each subnet. You would have to try quite hard to block that with firewall rules.
Steve
-
That https://textik.com is slick as shit! Added to my toolbelt links. Thank!!!
That will make for some really nice ascii art network diagrams.
edit: here is another one like that http://asciiflow.com/
An intelligent man is sometimes forced to be drunk to spend time with his fools
If you get confused: Listen to the Music Play
Please don't Chat/PM me for help, unless mod related
SG-4860 24.11 | Lab VMs 2.7.2, 24.11 -
@stephenw10 i have ssh'd into the pfsense box and ping my PC the only "error" message i get is that all packets are lost
i have the allow all firewall rules up
im am pretty new to this so im not sure as to the process of scoputing the problem
thanks for the help so far guys been going at this for a while -
What is this downstream router you have attached to pfsense? Which you have this other network connected to. If its in your 192.168.1 network then you have a asymmetrical problem that will happen for sure on the return traffic from devices in the 192.168.10 network.
If you have a router/L3 switch doing routing connected to pfsense via opt interface then the network should be a transit network. Not your normal lan network with devices on it.
-
@johnpoz said in PfSense Box cant ping LAN:
That https://textik.com is slick as shit! Added to my toolbelt links. Thank!!!
That will make for some really nice ascii art network diagrams.
edit: here is another one like that http://asciiflow.com/
I had ASCIIflow in that german support topic as well, but after trying both, it certainly lacks a few functions compared to textik. Textik handles links/lines between boxes and they stay linked/sticky whereas asciiflow doesn't have some sort of linking functionality :)
