DMZ network doesn't find internal network - VPN client doesn't reach DMZ servers
Hello friends,
I have the following:
- OVH dedicated server
- IP failover block /27
- Running in a VM on Proxmox 4.x
- WAN interface (using one IP from the /27 block) is in a bridge with the DMZ1 interface to be accessible
- pfSense version: 2.3.2-RELEASE-p1
Interfaces:
- WAN 178.x.x.65
- DMZ1 178.x.x.64/27
- DMZ2 10.x.x.x.x/24
- LAN 192.x.x.x/24
What happens is that sometimes the servers in DMZ1 that have public IP addresses cannot reach the DMZ2 and LAN networks (both are internal networks); it is as if they sometimes lose the route to these networks. When I configure the gateway on the servers, I use the public IP of the pfSense firewall so that they can have access to the other networks. The rest of the time it is possible to access all the resources without a problem. The thing is that something really strange happens: sometimes I have this outage and the communication between DMZ1 and DMZ2 is broken, so the webservers cannot communicate with the DB servers.
The other problem is with the OpenVPN interface: sometimes I can access all the resources in DMZ1, but sometimes I have a problem with one host that I cannot reach. Here is an example of the traceroute:
1 gateway (10.0.1.1) 55.979 ms 55.984 ms 55.970 ms
2 149.202.68.253 (149.202.68.253) 98.540 ms 98.564 ms 98.519 ms
Here it is going somewhere beyond the pfSense firewall, in the OVH network.
This is how the traceroute should look when it is working properly:
1 gateway (10.0.1.1) 23.332 ms 65.114 ms 65.045 ms
2 web01.example.com (178.x.x.76) 64.984 ms 64.945 ms 64.923 ms
I want to know if there is a way to force both problems to use the right route, or if this is a bug?
Let me know if more details are necessary to be more clear.
All the best and thanks for the help, friends.