Can't ping VPNrouter (now with beautiful picture)

  • I have pfsense running as my primary router with the follow relevant config (digits purposely obfuscated):

    eth1 (LAN) :   /24
    eth2 (LANtoVPNRouter) : /29  with defined gateway
    wan (default gateway) :

    there is a VPNRouter (running ClearOS) with the following relevant config:

    eth1 (LANtoVPNRouter) : /29
    wan :        

    I also have PC with the following relevant config:

    eth1 (LAN) :   /24
    gateway :    

    I am experiencing the following weirdness:

    Successful Pings: -> -> -> -> ->    !!!!!!!??

    Failed Ping: ->    !!!!!!!??

    tracert (from goes out the WAN port on my pfsense router!  I did a packet capture of my WAN port to confirm.  Why doesn't it go out

    The thing is, I have this identical setup at 4 different locations, and they all work fine.  I can ping both ways.  Tracert goes out the proper interface.  Obviously something is not identical, but I can't figure out what.

    I tried setting a static route on pfsense of via and this fixed the ping and tracert problems, but it also brought my network to its knees (some kind of storm?)  Anyway, I don't think a static route is necessary when the machine has an interface on both subnets.

    More info:

    • pfsense is running the latest version 2.3.2 (as are all the other sites)

    • pfsense is running on VMware (as are all the other sites)

    • One difference between this site and the others is that the pfsense and VPNRouter are on different physical machines, both running VMware, whereas the other sites have both the pfsense box and the VPNRouter on the same ESXi instance.  This shouldn't matter, however, as I can ping just fine between both machines, as indicated above.

    • I have tried other PCs on the same LAN with the same wonky results above (I can ping from VPNRouter to PC, but not in reverse; tracert goes out the pfsense WAN).

    • Status / Gateways shows status of the gateway as online.

    • Status / System Logs / System / Gateways is showing the following error continuously :
      Jul 27 11:30:32  dpinger  VPNRouterGateway sendto error: 64

  • I have added a picture summarizing my problem.  Halps

  • Eh… no one helped me so I just went through the long hassle of installing a new instance of pfsense (on the very same VMware box) and everything seems to be working fine...

    Only difference between this instance and the old one is that the old one has been upgraded through several versions and this one is a fresh install of 2.3.2, so.... meh

