Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Routing between two pFsense

    Scheduled Pinned Locked Moved Routing and Multi WAN
    5 Posts 2 Posters 694 Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • S
      Sigals
      last edited by

      Hello there,

      I am trying to get two seperate pFsense boxes to communicate with each other as they are the default GW for two separate networks.

      They are hosted on two seperate physical servers which have been connected directly together via Ethernet cable.

      Below is a little diagram to help explain:

      https://i.imgur.com/0iN7nnY.png

      I have setup the interfaces to use a static ip (10.0.2.10 & 10.0.2.20) and firewall rules to allow all traffic on those interfaces:

      https://i.imgur.com/r2esgwS.png

      However when I try to ping the other pFsense box using the appropriate interface I'm not seeing anything go across the interfaces.

      Am I missing something obvious here? Selecting the appropriate interface in the left pFsense should be able to directly ping the other since they are connected directly?

      I'm not seeing an entry in the ARP table in the left pFsense for the right one (10.0.2.10).

      1 Reply Last reply Reply Quote 0
      • johnpozJ
        johnpoz LAYER 8 Global Moderator
        last edited by

        "I'm not seeing an entry in the ARP table in the left pFsense for the right one (10.0.2.10)."

        Well without the ability to arp - it would never send the ping or any other form of traffic to an IP that is on its own network.

        You have a connectivity issue if you put them on the same layer 2 and they can not arp for each other.

        An intelligent man is sometimes forced to be drunk to spend time with his fools
        If you get confused: Listen to the Music Play
        Please don't Chat/PM me for help, unless mod related
        SG-4860 24.11 | Lab VMs 2.8, 24.11

        1 Reply Last reply Reply Quote 0
        • S
          Sigals
          last edited by

          thanks for your reply,

          I have switched the ports around but they still seem unable to see each other - below is a capture from one of the interfaces - both interfaces have green lights and are showing as 1000baseT <full-duplex>in pFsense

          12:42:22.533057 00:0c:29:18:74:be > ff:ff:ff:ff:ff:ff, ethertype ARP (0x0806), length 42: Ethernet (len 6), IPv4 (len 4), Request who-has 10.0.2.10 tell 10.0.2.20, length 28
12:42:23.553164 00:0c:29:18:74:be > ff:ff:ff:ff:ff:ff, ethertype ARP (0x0806), length 42: Ethernet (len 6), IPv4 (len 4), Request who-has 10.0.2.10 tell 10.0.2.20, length 28
12:42:24.573015 00:0c:29:18:74:be > ff:ff:ff:ff:ff:ff, ethertype ARP (0x0806), length 42: Ethernet (len 6), IPv4 (len 4), Request who-has 10.0.2.10 tell 10.0.2.20, length 28
12:42:25.600799 00:0c:29:18:74:be > ff:ff:ff:ff:ff:ff, ethertype ARP (0x0806), length 42: Ethernet (len 6), IPv4 (len 4), Request who-has 10.0.2.10 tell 10.0.2.20, length 28
12:42:26.616447 00:0c:29:18:74:be > ff:ff:ff:ff:ff:ff, ethertype ARP (0x0806), length 42: Ethernet (len 6), IPv4 (len 4), Request who-has 10.0.2.10 tell 10.0.2.20, length 28
12:42:27.640076 00:0c:29:18:74:be > ff:ff:ff:ff:ff:ff, ethertype ARP (0x0806), length 42: Ethernet (len 6), IPv4 (len 4), Request who-has 10.0.2.10 tell 10.0.2.20, length 28
12:42:28.653018 00:0c:29:18:74:be > ff:ff:ff:ff:ff:ff, ethertype ARP (0x0806), length 42: Ethernet (len 6), IPv4 (len 4), Request who-has 10.0.2.10 tell 10.0.2.20, length 28
12:42:29.679155 00:0c:29:18:74:be > ff:ff:ff:ff:ff:ff, ethertype ARP (0x0806), length 42: Ethernet (len 6), IPv4 (len 4), Request who-has 10.0.2.10 tell 10.0.2.20, length 28
12:42:30.193017 00:0c:29:18:74:be > ff:ff:ff:ff:ff:ff, ethertype ARP (0x0806), length 42: Ethernet (len 6), IPv4 (len 4), Request who-has 10.0.2.10 tell 10.0.2.20, length 28
12:42:31.213010 00:0c:29:18:74:be > ff:ff:ff:ff:ff:ff, ethertype ARP (0x0806), length 42: Ethernet (len 6), IPv4 (len 4), Request who-has 10.0.2.10 tell 10.0.2.20, length 28
12:42:32.239515 00:0c:29:18:74:be > ff:ff:ff:ff:ff:ff, ethertype ARP (0x0806), length 42: Ethernet (len 6), IPv4 (len 4), Request who-has 10.0.2.10 tell 10.0.2.20, length 28
12:42:33.253957 00:0c:29:18:74:be > ff:ff:ff:ff:ff:ff, ethertype ARP (0x0806), length 42: Ethernet (len 6), IPv4 (len 4), Request who-has 10.0.2.10 tell 10.0.2.20, length 28
12:42:34.273017 00:0c:29:18:74:be > ff:ff:ff:ff:ff:ff, ethertype ARP (0x0806), length 42: Ethernet (len 6), IPv4 (len 4), Request who-has 10.0.2.10 tell 10.0.2.20, length 28
```</full-duplex>
          1 Reply Last reply Reply Quote 0
          • johnpozJ
            johnpoz LAYER 8 Global Moderator
            last edited by

            well your seeing the arp.. Clearly pfsense doesn't think has IP address 10.0.2.20 or it would answer the arp.

            Which interface is that on… You need to see if the other interface is seeing the traffic not that the one side is sending.

            An intelligent man is sometimes forced to be drunk to spend time with his fools
            If you get confused: Listen to the Music Play
            Please don't Chat/PM me for help, unless mod related
            SG-4860 24.11 | Lab VMs 2.8, 24.11

            1 Reply Last reply Reply Quote 0
            • S
              Sigals
              last edited by

              Thanks I have got it working now.

              One of my colleagues set the VLAN id to 2 without telling me so I had to make sure everything matched up - added some static routes and it's working now.

              Cheers.

              1 Reply Last reply Reply Quote 0
              • First post
                Last post
              Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.