No Internet on second lan
-
Do you have a Default Allow rule on the igb4 interface? Only the first LAN gets such a rule by default. All other added interfaces have no rules and no access.
-
I believe so.
Under Firewall/Rules/SecondLan I have
Protocol IPv4 *
Source SecondLan net
Port *
Destination *
Port *
Gateway *
Queue None -
Did you modify your outbound NAT rules recently? If your first LAN is working, then usually the extra LANs are a cinch with just the addition of the Default Allow rule.
-
These are my current (hybrid) outbound nat rules .
The automatic rules have obviously changed by the addition of 192.168.3.0/24 -
can you ping 8.8.8.8 from secondlan ? maybe a dns problem?
-
No I cannot ping 8.8.8.8 from SecondLan.
The address of my WAN is given as 146.xxx.xxx.xxx and I can ping that
-
I'm not sure what's going wrong here. I will say that I've had a few cases this week where simply deleting everything and starting again fixed several weird problems.
-
Do you have Don't pull routes checked or unchecked in the purevpn client config?
If it's unchecked, check it.
-
Well definitely a step forward thank you.
Checking don't pull routes does indeed provide internet access on SecondLan. However the computer on igb1 that should be going through my VPN now displays my public IP address.
Further advice welcome as I am well out of my depth here.
-
You have two choices:
Disable Don't pull routes and policy route everything you DON'T want to go over the VPN to the WAN Gateway.
Enable Don't pull routes and policy route everything you DO want to go over the VPN to the VPN Gateway.
When you pull routes from a VPN server they usually push a default route to you (actually two routes 0.0.0.0/1 and 128.0.0.0/1 which covers the IPv4 space in two routes.) This means you need to policy route exclusions to that out the WAN.
-
@KOM said in No Internet on second lan:
I will say that I've had a few cases this week where simply deleting everything
Included the fact that there was an "AP" between OPT and the device - pfSense worked well, it was the AP .....
@DaveB : what is between your OPT interface and your device - just a cable or some box ?
What was the IP the device got using DHCP ?
Netmask ?
DNS ?
Gateway ? -
I believe I am now sorted.
I have left don't pull roots unchecked and in firewall/rules/secondlan advanced options/gateway I chose WAN_PPPoE.
I now have internet connection via VPN on igb1 and igb2 and connection not through VPN on igb4 just as I wanted.
Many thanks for the help
