Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Dual PFsense routing issues

    Routing and Multi WAN
    1
    2
    489
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • O
      OcDevil
      last edited by

      Hi,

      I am having some issues with a dual PFsense setup.

      Basically I have 2 physical hosts where a run a bunch of VMs. One physical box is running my home-lab and the other is running a demo-lab which is used to bring to different sites for education/demo/PoCs etc.. When the demo-lab is sitting at home, besides the home-lab, the WAN interface, in the demo-lab, is not connected to the internet.

      I have for a while now wanted to separate the 2 boxes network wise, so their LAN interfaces are running on different network ranges. For now I have connected the 2 boxes via physical NICs on a transit network, but I cannot succeed in getting any other traffic than ICMP between LAN from my home-lab to LAN on the demo-lab.

      I can ping the LAN network on my demo-lab from my home-lab and vice versa, so I am assuming that the routing is in place. I have created any/any rules on the transit network on both PFsense appliances.

      Info:

      Home-Lab - Hyper-V 2012 R2:
      WAN - DHCP
      DMZ - 172.16.10.0/24
      LAN - 192.168.10.0/24
      TRANSIT - 192.168.11.0/30

      Demo-Lab - XenServer:
      WAN - DHCP
      DMZ - 172.168.12.0/24
      LAN - 192.168.12.0/24
      TRANSIT - 192.168.11.0/30

      The demo-lab is running on a XenServer. This XenServer has a management interface configured on 192.168.12.200 I am able to ping this IP from a computer on LAN in my home-lab, I am however not able to connect via XenCenter on port 443.

      What am I missing?

      I have attached a drawing of my current network setup:

      Network.jpg
      Network.jpg_thumb

      1 Reply Last reply Reply Quote 0
      • O
        OcDevil
        last edited by

        Small update…

        I have run some simulations in my XenServer setup. I have created 2 PFsense firewalls and some internal networks, to mimic my current setup. In this setup I experience the same issue. I am able to ping across the 2 PFsense firewalls just fine, however that's just about the only traffic I am ever going to get through RDP or telnet to 3389 never reaches any of the Windows hosts on either PFsense LANs.

        I decided to download OPNsense to test the simulation above. The exact same network interfaces are used and the exact same network configuration in OPNsense, as above simulation, has been applied. It works! So something is different in PFsense when it comes to routing/firewall rules/something else compared to OPNsense.

        I am currently doing some tests to see if OPNsense works in my home-lab and demo-lab.

        1 Reply Last reply Reply Quote 0
        • First post
          Last post
        Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.