Multiple subnets on the lan
-
Hi all, I'm in the process of building a small wireless ISP (WISP). I'm using a PFSense box as my core router/NAT. I currently have 2 tower locations with plans to add more in the coming months. currently the network is flat, bridged. All addresses to customers are in the 10.1.1.0/24 network on the lan side of my PF box. My plan is to add routers at each tower site with PPPoE and a radius server to control network broadcast storms. Differenet subnets for each tower's customers and the PtP backhauls. I have the routers configured with OSPF and have the OSPF package installed on PFSense. I can ping all the different addresses of the various subnets from the 10.1.1.0 subnet and I can ping from those subnets (10.1.2.0/29 and 10.1.2.8/29 currently) to the 10.1.1.0/24 subnet. However, I cannot ping 10.1.1.1 (pfsense box) from any of the other subnets. Doing a packet capture on the PFSense box shows that the packets are reaching it. What is going on ? I created additional firewall rules and Nat rules for these subnets (copied the default rule for network 10.1.1.0 and just changed the network and subnet mask data.)
It's rather important that I get this situation remedied. I don't want to have multiple NAT levels.. I need a fully routed network for this to function properly. Any help would be much appreciated.
![firewall rules.PNG](/public/imported_attachments/1/firewall rules.PNG)
![firewall rules.PNG_thumb](/public/imported_attachments/1/firewall rules.PNG_thumb)
![nat rules.PNG](/public/imported_attachments/1/nat rules.PNG)
![nat rules.PNG_thumb](/public/imported_attachments/1/nat rules.PNG_thumb) -
Dude, for starters, adding a TCP rule does NOT allow ping… It uses ICMP. Sigh. Other than that, I don't have time for this, but - you don't want NAT, yet you are adding a gazillion of manual NAT stuff. You want routing, yet you did not add any routes/GWs to those subnets you have created on some towers or god knows what?