Beginner Question - https admin gui of server unavailable, until I start pinging it?
-
Sorry, I made some edits about 5 minutes in. I screwed it up! It is correct now.
Hi Everyone,
I just got a PFSense box, and I really love it. Learning a lot, and hopefully one day I can convince my office to use this software.
About My Network
My client and server are on the same interface (LAN) (172.16.0.1/24). I have a server on my network. Its address is 172.16.0.5, so it's on the LAN2 interface. My client device is on my LAN network, with an IP address of 172.16.0.10.
To troubleshoot, both interfaces have a default allow any rule from internal to wherever, and I am getting traffic (eventually), so I don't believe the firewall is the issue, but anything is possible. I can get internet and an IP on both lans.
I am most suspicious of my unmanaged switches.
Here is the chain of devices from pfsense to server:
PFSense (Interface LAN2) ->
(Port 1) Unmanaged Switch 1 (Uplink Port) ->
(Port 1) Unmanaged Switch 2 (Port 2) ->
Server Ethernet Port
Here is the chain of devices from pfsense to client:
PFSense (Interface LAN2) ->
(Port 1) Unmanaged Switch 1 (Uplink Port) ->
(Port 1) Unmanaged Switch 3 (Port 2) ->
Client Ethernet Port
As you can see, my client and server are plugged into the same switch, so their routing is traversing both switches to the same interface.
For Unmanaged Switch 1, the last port is labeled link/act, so I'm pretty comfortable using that port as the connection between the two switches.
The Issue
When I visit the server's admin interface at https://172.16.0.5:10008 (LAN2), my web browser will never load the page, until it times out. However, if (while the webpage is loading) I open the terminal and start pinging 172.16.0.5, after about the 5-6th ping, the webpage will load! This is very consistent. I've tried waiting shorter and longer, and it always reacts the same way. If I stop pinging, the live statistics will stop.
I appreciate any help, thank you.
-
It's not the firewall, as you say.
Both the client and server are in the same subnet so traffic goes between them directly through switch 1. pfSense never sees that traffic at all.
Check for a bad subnet mask on something. It would have to be a very small mask though to include, for example, the server and gateway but not the client.
It sounds like you have some asymmetric traffic. When you start pinging you get an ICMP redirect sent that then allows replies until it expires.
Steve
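The subnet-mask check suggested in the reply above, as an added example that is not part of the original thread: it takes each host's IP and prefix length, reports pairs where one direction goes direct and the other goes via the gateway, and lists which prefix lengths on the server would produce that. The IPs are the ones from the post; the /29 on the server is a constructed value for illustration, not something the poster reported.

```python
import ipaddress
from itertools import combinations

GATEWAY = "172.16.0.1"  # pfSense LAN address given in the post


def next_hop(src_ip, prefix, dst_ip, gateway=GATEWAY):
    """Where src sends traffic for dst: dst itself if on-link, else the gateway."""
    net = ipaddress.ip_interface(f"{src_ip}/{prefix}").network
    return dst_ip if ipaddress.ip_address(dst_ip) in net else gateway


def asymmetric_pairs(hosts, gateway=GATEWAY):
    """hosts: {name: (ip, prefix)}. Return pairs whose two directions differ."""
    found = []
    for (a, (a_ip, a_pfx)), (b, (b_ip, b_pfx)) in combinations(hosts.items(), 2):
        a_direct = next_hop(a_ip, a_pfx, b_ip, gateway) == b_ip
        b_direct = next_hop(b_ip, b_pfx, a_ip, gateway) == a_ip
        if a_direct != b_direct:
            found.append((a, b,
                          "direct" if a_direct else "via gateway",
                          "direct" if b_direct else "via gateway"))
    return found


def suspect_prefixes(host_ip, gateway_ip, peer_ip):
    """Prefix lengths on host_ip that still cover the gateway but not the peer."""
    gw = ipaddress.ip_address(gateway_ip)
    peer = ipaddress.ip_address(peer_ip)
    hits = []
    for pfx in range(8, 31):
        net = ipaddress.ip_interface(f"{host_ip}/{pfx}").network
        if gw in net and peer not in net:
            hits.append(pfx)
    return hits


if __name__ == "__main__":
    # Constructed inventory: the /29 on the server is an assumed misconfiguration.
    hosts = {"client": ("172.16.0.10", 24), "server": ("172.16.0.5", 29)}
    for a, b, ab, ba in asymmetric_pairs(hosts):
        print(f"{a} -> {b}: {ab}; {b} -> {a}: {ba}")
    print("server masks that reach the gateway but not the client:",
          suspect_prefixes("172.16.0.5", GATEWAY, "172.16.0.10"))
```

Fill `hosts` with the mask each machine actually reports (`ip addr`, `ipconfig`) to run the same check on a real LAN.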