How to get 2 separate networks to talk to each other?
-
@johnpoz
Is this the correct way to set up this rule?
-
No!
On your server interface allow ping to the server address.
example
You want to allow your server to ping pfsense server IP 70.1 - lets get that working atleast!
-
@johnpoz
Ping resulted in 100% packet loss
-
OH my GAWD!! dude... how is the dest 70.2 that is not pfsense IP address!!
Please set a rule on your server interface to allow PING to pfsense address server address.. And ping from your server..
-
@johnpoz
Sorry! Dumb mistake! Fixed it. I pinged from the NAS and resulted in packet loss
-
Well there is something major wrong... You sure pfsense IP is actually 192.168.70.1?
Can you use a different interface? You don't have any vlans setup or anything like that?
Why was there no answer to the dhcp you show there on port 67? You can arp, but not doing any sort of traffic... Makes no sense at all..
-
@johnpoz
The vlans are all on the LAN side (192.168.69.1) with switch.
The SERVER side has nothing, just a straight direct connection to NAS. -
Well makes no sense at all... Do you have another interface you can use? Another cable.. Post a ifconfig output on pfsense. If it was a bad cable - you would think you wouldn't see the traffic too pfense, and you would see traffic out even if didn't get to the client when you sniff when you pinged.
-
-
dude... How do you have 192.168.70.1 on igb2, and you also have it on igb1.70??
Pfsense shouldn't even let you do that - because the interfaces overlap!!
Yeah that is not going to work ;)
-
@johnpoz
igb1.70 is a vlan right? That was deleted sometime ago and doesn't exist currently? Here's all of the vlans as of now: -
But the interface is still there via your ifconfig - so yeah that not going to work ;)
I would check in your xml - forwhatever reason its still there.. So yeah big issue!
-
@johnpoz
Nice! How do I get rid of it cleanly? This doesn't actually show up on my GUI. I have routine XML backups so doing it through XML shouldn't be a problem. -
I would look in your xml to see if its stuck in their somehow.. Then you could remove it from the xml and then reload.. Then do a reboot to validate it goes away.
You could remove it from cli command - but if its stuck in some xml, then on a reboot it could get put back.
I thought I was going nuts - cuz it sure didn't make sense. But now seeing you have 2 interfaces with the same IP makes sense that it was sending traffic out the other interface - or trying ;) So yeah our symptoms make sense for this sort of issue.
-
@johnpoz
Oh so I can just go through xml and delete all lines related to igb1.70? Just to be clear on the correct way:- Delete igb.70 from xml
- Restore new xml
- Reboot and check xml again
-
Yeah must be something left in the xml I would think... Or maybe the interface just didn't get delete.. But I have to assume you have rebooted at some point in troubleshooting this.
So I take it something must be messed up in the xml.
So validate its not in there in some messed up way.. If it is, remove it and then restore it. And then either delete the interface with cli, or reboot and make sure that igb1.70 interface is not there.
-
@johnpoz
So I looked through the entire XML file line by line and also with search function using any combinations of igb1, igb1.70, 70, and igb. Igb1.70 or even vlan 70 does not exist in the XML file at all anywhere. I ran ifconfig and it does still indeed show up. Thoughts on maybe something I missed?
This is the only group of igb.X in the entire XML file. -
did you look for the IP? Do a search. Search for interface igb1.70 as well..
If your saying its not in the xml, have you actually rebooted since you removed it - and it still comes back via ifconfig?
example - here is where the interface is created
<opt5> <descr><![CDATA[W_PSK]]></descr> <if>igb2.4</if> <spoofmac></spoofmac> <enable></enable> <ipaddr>192.168.4.253</ipaddr> <subnet>24</subnet>For 1 of my vlans... On your interface tab in pfsense - do you see the inteface still there? Even if you removed the vlan?
-
@johnpoz
Like this right? -
So you don't see that that is listed on your ifconfig output anywhere in the xml? You searched for it? You searched for igb1.70 Not just scroll through?
And again - have you actually rebooted since you removed this vlan? And your not seeing that IP or interface anywhere in the xml?
