Static route does not seem to work
Hi all, here is the issue
Static route:
Network - Gateway - Interface
10.200.0.0/16 - GW_1 - WAN

Gateways:
Name - Interface - Gateway
GW_1 - WAN - 192.168.1.15
GW_2 (default) - WAN - 192.168.1.1
The problem itself: when I want to reach a host belonging to the 10.200.0.0/16 network, the pfSense router uses the default gateway (192.168.1.15) instead of the GW_1 (192.168.1.1) static route (I realized this with traceroute from my PC).
1. Why is this happening?
2. How can I troubleshoot this? I mean, see the routing logs.
Perhaps you could produce some network diagram. Cannot make sense of it.
Here is the diagram.
Hope it helps
Also, I checked the routing logs (/var/log/rounting), and I get this error:
Dec 8 19:34:53 pfSense radvd: version 1.9.1 started
Dec 8 19:34:53 pfSense radvd: no auto-selected prefix on interface em1, disabling advertisements
Dec 8 19:36:48 pfSense radvd: Exiting, sigterm or sigint received.
Dec 8 19:36:48 pfSense radvd: sending stop adverts
Dec 8 19:36:48 pfSense radvd: removing /var/run/radvd.pid
pfSense version: 2.3.2-RELEASE-p1 (amd64)
I think I got this.
In the pfSense firewall, on the WAN interface (192.168.1.2):
It had been configured with an IPv4 upstream gateway on the interface: GW1 (192.168.1.1), so I changed that to "none".
I have to test in production, but what do you think?
I think your network design is completely broken. You cannot have WAN and LAN on the same subnet.
I agree, this was already configured, I didn't design the network. But in this case "WAN" is just a name. Of course I would like to change it to "lan2", for example.
Thanks for the reply.
No. Let me try again. You cannot have ANY two network interfaces on the same subnet.
Hi doktornotor, this network is already in production with another technology. I agree that this is not the best solution, nor even a good solution, but I have this reality and nobody wants to authorize the change for me because of the cost and the associated impact.
I already saw something like this with other manufacturers: "overlapping subnets" (as they call it). But I'm new to pfSense. When you said "can not", is it really "can not" in pfSense, or is it "should not"?
Thanks again for your reply.
Let me try for the last time. You ABSOLUTELY CANNOT have two interfaces on the same subnet. Only one will have a link route. Period. Redo your network. Will not ever work.
kpa last edited by
Seconded, your setup is an invalid one. The only way to have the same subnet on two or more interfaces at the same time is to use bridging; if you don't want to take that route, you have to redo your setup with a different subnet on pfSense's LAN.
Not seeing where your lan network is called out.. is it also 192.168.1/24?? Or some other sub of 192.168.1 that overlaps with 192.168.1/24 - if so then NO you can not do it that way..
You for sure could have multiple routes to different IPs on your wan that is your transit network.. But you can not expect it to work if your lan side clients are on 192.168.1/? And you want them to go to the internet or this other 10.200 network
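The checks the replies above describe, as an added example that is not part of the original thread: it flags interfaces whose connected subnets overlap, shows which interfaces could claim the link route to a gateway, and does the longest-prefix lookup the static route should win. The /24 mask, both LAN addresses and all function names are assumptions made for illustration; the WAN address, gateways and static route are the ones posted.

```python
import ipaddress

def overlapping_interfaces(interfaces):
    """Return sorted pairs of interface names whose connected subnets overlap."""
    nets = {n: ipaddress.ip_interface(c).network for n, c in interfaces.items()}
    names = sorted(nets)
    return [(a, b) for i, a in enumerate(names)
            for b in names[i + 1:] if nets[a].overlaps(nets[b])]

def gateway_links(interfaces, gateway):
    """Interfaces whose connected subnet contains the gateway.
    A usable next hop needs exactly one; two means the link route is ambiguous."""
    gw = ipaddress.ip_address(gateway)
    return sorted(n for n, c in interfaces.items()
                  if gw in ipaddress.ip_interface(c).network)

def lookup(routes, dest):
    """Longest-prefix match: return (prefix, gateway) for dest, or None."""
    ip = ipaddress.ip_address(dest)
    hits = [(ipaddress.ip_network(p), gw) for p, gw in routes
            if ip in ipaddress.ip_network(p)]
    if not hits:
        return None
    net, gw = max(hits, key=lambda h: h[0].prefixlen)
    return str(net), gw

# WAN address from the thread; /24 and the LAN addresses are constructed.
BROKEN = {"WAN": "192.168.1.2/24", "LAN": "192.168.1.3/24"}
FIXED = {"WAN": "192.168.1.2/24", "LAN": "192.168.50.1/24"}

# Static route and gateways as posted: GW_1 and GW_2 (default).
ROUTES = [("10.200.0.0/16", "192.168.1.15"), ("0.0.0.0/0", "192.168.1.1")]

if __name__ == "__main__":
    for label, ifs in (("broken", BROKEN), ("fixed", FIXED)):
        print(label, "overlaps:", overlapping_interfaces(ifs))
        for prefix, gw in ROUTES:
            print(f"  {prefix} via {gw} reachable on {gateway_links(ifs, gw)}")
    print("10.200.3.4 ->", lookup(ROUTES, "10.200.3.4"))
```
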