Can't ping VPNrouter (now with beautiful picture)
-
I have pfsense running as my primary router with the follow relevant config (digits purposely obfuscated):
eth1 (LAN) : 192.168.1.1 /24
eth2 (LANtoVPNRouter) : 192.168.2.1 /29 with defined gateway 192.168.2.2
wan (default gateway) : 100.100.100.100there is a VPNRouter (running ClearOS) with the following relevant config:
eth1 (LANtoVPNRouter) : 192.168.2.2 /29
wan : 100.100.100.101I also have PC with the following relevant config:
eth1 (LAN) : 192.168.1.50 /24
gateway : 192.168.1.1I am experiencing the following weirdness:
Successful Pings:
192.168.1.50 -> 192.168.1.1
192.168.1.50 -> 192.168.2.1192.168.2.1 -> 192.168.2.2
192.168.2.2 -> 192.168.2.1
192.168.2.2 -> 192.168.1.50 !!!!!!!??Failed Ping:
192.168.1.50 -> 192.168.2.2 !!!!!!!??
tracert 192.168.2.2 (from 192.168.1.50) goes out the WAN port on my pfsense router! I did a packet capture of my WAN port to confirm. Why doesn't it go out 192.168.2.1?
The thing is, I have this identical setup at 4 different locations, and they all work fine. I can ping both ways. Tracert goes out the proper interface. Obviously something is not identical, but I can't figure out what.
I tried setting a static route on pfsense of 192.168.2.0/29 via 192.168.2.2 and this fixed the ping and tracert problems, but it also brought my network to its knees (some kind of storm?) Anyway, I don't think a static route is necessary when the machine has an interface on both subnets.
More info:
-
pfsense is running the latest version 2.3.2 (as are all the other sites)
-
pfsense is running on VMware (as are all the other sites)
-
One difference between this site and the others is that the pfsense and VPNRouter are on different physical machines, both running VMware, whereas the other sites have both the pfsense box and the VPNRouter on the same ESXi instance. This shouldn't matter, however, as I can ping just fine between both machines, as indicated above.
-
I have tried other PCs on the same LAN with the same wonky results above (I can ping from VPNRouter to PC, but not in reverse; tracert goes out the pfsense WAN).
-
Status / Gateways shows status of the 192.168.2.2 gateway as online.
-
Status / System Logs / System / Gateways is showing the following error continuously :
Jul 27 11:30:32 dpinger VPNRouterGateway 192.168.2.2: sendto error: 64
-
-
I have added a picture summarizing my problem. Halps
-
Eh… no one helped me so I just went through the long hassle of installing a new instance of pfsense (on the very same VMware box) and everything seems to be working fine...
Only difference between this instance and the old one is that the old one has been upgraded through several versions and this one is a fresh install of 2.3.2, so.... meh
-
i have this problem to
:(