Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Can't Ping with static IP address inter vlans

    Scheduled Pinned Locked Moved Routing and Multi WAN
    6 Posts 2 Posters 2.0k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • S
      sousket
      last edited by

      Hello,

      i'm currently on setup with my lab, and i have a problem with routing multi VLAN.

      I have a server on OVH (with ESXi), so i have my public IP, and i just adding a failover IP with PFsense.

      On my PFsense, i have 3 VLANs :

      • LAN (just default LAN on 192.168.1.X).
      • VLAN10 (tag 10) : 10.0.10.20 - 200 with gateway 10.0.10.1 (but i don't have create a specific gateway on gateway menu). DHCP enable.
      • VLAN20 (tag 20) : 10.0.20.20 - 200 with gateway 10.0.20.1 (same as VLAN10). DHCP enable.

      Firewall rules are : VLAN10 to any, and VLAN20 to any

      On VLAN10, one DC : 10.0.10.20
      ON VLAN20, one server : 10.0.20.20

      On each i can ping from VLAN10 to VLAN20 when servers are on dynamics IP (and inversly).

      The problem is that when i change IP on static on windows (with same IP as dynamics), i can't ping any servers.

      from my DC (VLAN10), i can't ping my server on VLAN20 (and inversly).

      No firewalls enable on servers.

      Thx for your help !

      1 Reply Last reply Reply Quote 0
      • V
        viragomann
        last edited by

        Have you also added the gateway to the host manually when changing to static IP?

        1 Reply Last reply Reply Quote 0
        • S
          sousket
          last edited by

          when i change IP from dynamic to static yes, i add :

          10.0.10.20
          255.0.0.0
          10.0.10.1

          and DNS himself because it's DC / DNS server (127.0.0.1).

          On my second server :

          10.0.20.20
          255.0.0.0
          10.0.20.1

          DNS : 10.0.10.20 (first server DC so).

          But ping is KO on static IP. Only working with dynamics IP (and same IP).

          Note : "Bypass firewall rules for traffic on the same interface" under System>Adv, Firewall/NAT is check.

          1 Reply Last reply Reply Quote 0
          • V
            viragomann
            last edited by

            Your network mask is to large!
            So both clients think the other IP is in its own subnet and don't direct packet to the gateway.

            1 Reply Last reply Reply Quote 0
            • S
              sousket
              last edited by

              Ho sorry !!! Yes after modification it's ok now :) !

              But now my problem is that on VLAN10 and VLAN20, i don't have internet access. When I ping 8.8.8.8 from my DC or the other one :

              ping 8.8.8.8 :
              Reply from 10.0.10.1: Destination host unreachable.

              To resume i can't exit from VLAN10 / 20 gateway :(

              1 Reply Last reply Reply Quote 0
              • V
                viragomann
                last edited by

                Maybe the outbound NAT isn't working properly.

                I don't know if pfSense adds the outbound NAT rule correctly for vLANs or maybe your outbound NAT is set for manual rule generation. Check the rules in Firewall > NAT > Outbound.

                1 Reply Last reply Reply Quote 0
                • First post
                  Last post
                Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.