Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Cross subnet access problem

    Scheduled Pinned Locked Moved General pfSense Questions
    4 Posts 2 Posters 586 Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • S
      svarto
      last edited by

      Hello all,

      Apologies for a probably (and hopefully) a beginners question to pfsense.

      I have problem accessing another subnet (e.g. 172.16.0.0) when I am in the other subnet (e.g. 10.0.0.0). I have tried almost everything, opened up firewalls, clicking on and off options, that I finally just thought I would post on the forum to hope someone can help me.

      The weird thing is that, independent which subnet I am connected to, I can always get to the pfsense webgui (i.e. on 172.16.0.1 when I am on 10.0.0.0 and vice versa works!).

      I have attached the following:

      • Network map

      • Hypervisor (Proxmox) NIC setup

      • pfSense NICs

      • pfSense LAN and OPT1 settings

      • pfSense reserved networks unchecked

      Additional information is that I have 6 NICs, two built into the motherboard and then 4 on a separate PCI express Intel card. Pfsense is virtualized on proxmox and that is how I have these Virtio NICs.

      My problems:

      • I cannot connect from one subnet to the other

      • Within subnet 10.0.0.0, proxmox interface is not available on 10.0.0.3, however it is available when I am in subnet 172.16.0.0 (the TP-Link in bridge mode) - very weird

      I am really grateful for your help!!
      ![reserved networks.JPG](/public/imported_attachments/1/reserved networks.JPG)
      ![reserved networks.JPG_thumb](/public/imported_attachments/1/reserved networks.JPG_thumb)
      LAN.JPG
      LAN.JPG_thumb
      NICs.JPG
      NICs.JPG_thumb
      OPT1.JPG
      OPT1.JPG_thumb
      ![network map.JPG](/public/imported_attachments/1/network map.JPG)
      ![network map.JPG_thumb](/public/imported_attachments/1/network map.JPG_thumb)
      ![Proxmox network setup.JPG](/public/imported_attachments/1/Proxmox network setup.JPG)
      ![Proxmox network setup.JPG_thumb](/public/imported_attachments/1/Proxmox network setup.JPG_thumb)

      1 Reply Last reply Reply Quote 0
      • M
        marvosa
        last edited by

        We will need a network map to offer any targeted troubleshooting, but I suspect you have a networking issue.

        What you should have is each NIC connected to a separate vSwitch and then physically connected to either separate unmanaged switches or connected to a managed switch configured with VLAN's.

        If you have your NIC's connected to the same switch (either physically or virtually), it's not going to work.

        1 Reply Last reply Reply Quote 0
        • S
          svarto
          last edited by

          Hi Marvosa,

          Thank you very much for helping out, I added a network map - please let me know if this makes sense now or if you need more information.

          1 Reply Last reply Reply Quote 0
          • S
            svarto
            last edited by

            I actually solved it!

            I did plenty of steps, but in the end it worked out, I order them by relevance to this topic:

            • Added a static routing into my TP LINK archer c7, for others http://forum.tp-link.com/showthread.php?79872-Can-t-ping-access-TL-WDR4300-from-other-subnet

            • Changed the Proxmox bridges to be Intel E1000 instead of Virtio

            • Changed the start up order of the pfSense VM

            • Passed the CPU as host to the pfSense VM

            Now I will start playing around with the Firewalls  :)

            1 Reply Last reply Reply Quote 0
            • First post
              Last post
            Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.