Routing problems



  • I have been trying to set up a relatively simple "router on a stick" type of network using pfSense and two Catalyst 3560s, but for some reason I can't get routing to work between my VLANs. I keep getting "Connection timed out" after reaching pfSense, but I can access the internet and pfSense from all VLANs and vice versa without any issues. I am relatively new to doing routing on pfSense, so I would appreciate it if someone more experienced could check whether I missed a step while setting this up or made some silly mistake.

    Both switches are connected to pfSense with an LACP trunk (lagg0 and 1). I have created a sub interface with an IP for each VLAN and assigned them to the appropriate trunk as shown below, with the exception of VLAN 50, where the sub interfaces were bridged and the IP was assigned to the bridge instead, as the VLAN is spread out over both switches and uses two sub interfaces.

    I also duplicated the "Allow any" inbound FW rule from LAN for each sub interface. The trunks on the switch are configured according to the FreeBSD handbook as shown below.

    I am about to go crazy with this so any help is very much appreciated!



  • so:

    -all vlan_clients have access to the internet & can access the pfsense webgui
    -you have 'allow all rules' on all vlan_interfaces (with proto=any)?

    Are you sure the clients are accepting connections from each other? Have you tried to turn off windoze firewall?



  • @heper:

    so:

    -all vlan_clients have access to the internet & can access the pfsense webgui

    That's correct.

    -you have 'allow all rules' on all vlan_interfaces (with proto=any)?

    Yes, just like on the default LAN interface. Allow any type of traffic from abc net to any destination. I will eventually build rest of my rules on top of these.

    Are you sure the clients are accepting connections from each other? Have you tried to turn off windoze firewall?

    Yes, I can reach the clients from pfSense but not from a different subnet/VLAN. Most of my traffic is ssh/slp anyway, so beloved Windows FW doesn't play a role here.