Navigation

    Netgate Discussion Forum
    • Register
    • Login
    • Search
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search

    Static Routes are not working

    Routing and Multi WAN
    2
    6
    835
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • T
      tofti last edited by

      Hi guys,

      i have a problem with static routing. I attached a jpeg with the neworks. I hope it contains everything that`s neccessary.
      Additional info Firewall rule for Network IFNET is:
      Protocol:  IPv4*
      Source:    IFNET net
      Port:        *
      Destination: *
      Port:        *
      Gateway:  *
      Queue:    *

      The problem descritption:

      PfSense itself (everything fine):

      • can reach every Host in the Subnets 192.168.2.0, 192.168.3.0, 192.168.4.0
      • can reach the Internet

      Server A (everything fine):

      • can reach every Host in the Subnets 192.168.2.0, 192.168.3.0, 192.168.4.0
      • can reach the Internet

      Laptops A to C (did not work properly):

      • can reach the Internet
      • can reach Server A (192.168.1.199)
      • can not reach WAN Router (192.168.1.1)
      • can not reach any Host in the Subnets 192.168.2.0, 192.168.3.0, 192.168.4.0

      Traceroute from PfSense to Server A (192.168.1.2):
      1  192.168.1.2  0.317 ms  0.121 ms  0.136 ms

      Traceroute from PfSense to WAN Router (192.168.1.1):
      1  192.168.1.1  0.824 ms *  0.524 ms

      Traceroute from PfSense to Host 192.168.2.1 (Remote Nework):
      1  192.168.1.1  0.824 ms  0.722 ms  0.732 ms
      2  10.184.244.29  8.558 ms  9.376 ms  7.883 ms
      3  10.201.209.221  14.112 ms  14.464 ms  14.107 ms
      4  10.201.209.222  133.048 ms  69.412 ms  42.216 ms
      5  192.168.2.1  41.287 ms  51.410 ms  47.158 ms

      Traceroute from Laptop to Server A (192.168.1.2):
      1    <1 ms    <1 ms    <1 ms  pfsense [192.168.1.199]
      2    68 ms    <1 ms    <1 ms  192.168.1.2

      Traceroute from Laptop to WAN Router (192.168.1.1):
      1    <1 ms    <1 ms    <1 ms  pfsense [192.168.1.199]
      2    *        *        *    timeout
      3    *        *        *    timeout
      4    *        *        *    timeout
      never comes back

      Traceroute from Laptop to Host 192.168.2.1 (Remote Nework):
      1    36 ms    <1 ms    <1 ms  pfsense [192.168.1.199]
      2    *        *        *    timeout
      3    *        *        *    timeout
      4    *        *        *    timeout
      never comes back

      I do not understand why the static routes are not working for the WAN Router and the Remote Network.
      Perhaps somebody can it explain to me.

      Cu
      Thomas
      ![Analyse PfSense Routing.jpg](/public/imported_attachments/1/Analyse PfSense Routing.jpg)
      ![Analyse PfSense Routing.jpg_thumb](/public/imported_attachments/1/Analyse PfSense Routing.jpg_thumb)

      1 Reply Last reply Reply Quote 0
      • T
        tofti last edited by

        Sorry,

        I forgot to paste the Version of PfSense:

        2.3.4-RELEASE (amd64)
        built on Wed May 03 15:13:29 CDT 2017
        FreeBSD 10.3-RELEASE-p19

        1 Reply Last reply Reply Quote 0
        • V
          viragomann last edited by

          I guess you're missing a route on the WAN router to IFNET. It should point to the IFWAN IP on pfSense.

          1 Reply Last reply Reply Quote 0
          • T
            tofti last edited by

            Hi viragomann,

            but why there is a route missing on the WAN router. (I can`t add a route on this router it is handled by the Internet Service Provider).

            The DSL Router did not have a route and it works.

            Cu

            1 Reply Last reply Reply Quote 0
            • V
              viragomann last edited by

              The WAN router has also to know that IFNET is behind pfSense otherwise it directs packets destined for this subnet (here the ping responses) to its default gateway.

              If adding a route to this router isn't an option you can solve it by an SNAT rule.

              1 Reply Last reply Reply Quote 0
              • T
                tofti last edited by

                Hi viragomann,

                thank your very much for your hint.

                Adding a route to this router is not possible.

                I have added a SNAT rule and now everything works like a charm.

                Cu
                Thomas

                1 Reply Last reply Reply Quote 0
                • First post
                  Last post

                Products

                • Platform Overview
                • TNSR
                • pfSense
                • Appliances

                Services

                • Training
                • Professional Services

                Support

                • Subscription Plans
                • Contact Support
                • Product Lifecycle
                • Documentation

                News

                • Media Coverage
                • Press
                • Events

                Resources

                • Blog
                • FAQ
                • Find a Partner
                • Resource Library
                • Security Information

                Company

                • About Us
                • Careers
                • Partners
                • Contact Us
                • Legal
                Our Mission

                We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

                Subscribe to our Newsletter

                Product information, software announcements, and special offers. See our newsletter archive to sign up for future newsletters and to read past announcements.

                © 2021 Rubicon Communications, LLC | Privacy Policy