PfSense Box cant ping LAN

acropolis11

Hi all,
Im having trouble with my pfsense router not being able to ping any of my IPs on both my Lan interfaces
My Typology
Internet --------------------- PFSENSE 192.168.1.1 ------------------------------------ Router 192.168.1.100
-----------------------------------------------||||||||||------------------------------------------------------------------------------------------------------------------------------------------------------------------- PC 192.168.10.1 on 192.168.10.0/24 subnet---------------------------------------------------------------------------------------------------

PC 192.168.10.1 can ping both gateways 192.168.1.1 and 192.168.10.1 but PFSENSE BOX cant ping PC ip or the ip of the router

Thanks Guys

viragomann

You need to add your router as Gateway in System > Routing > Gateways and add a static route for the LAN behind it pointing on the it on the next tap.

acropolis11

Hi @viragomann ,
The PC is connected directly to the PfSense router and not the ISP router provided

viragomann

So the internal IP of pfSense is 192.168.1.100, but your PC is in 192.168.10.0/24 subnet?

acropolis11

@viragomann nah the internal ip of the pfsense box is 192.168.1.1

lburr

If you want a LAN subnet of 192.168.10.0/24 then your pfSense router's LAN interface needs to be in the 192.168.10.x range... not in the 192.168.1.x range.

Like @viragomann said, it sounds like you've got the PC in one subnet & the router in a different one.

Is the 192.168.1.100 supposed to be your WAN? This doesn't make sense to me

JKnott

@lburr said in PfSense Box cant ping LAN:

If you want a LAN subnet of 192.168.10.0/24 then your pfSense router’s LAN interface needs to be in the 192.168.10.x range… not in the 192.168.1.x range

According to the sketch, there's a router in between. That should allow pinging between subnets. Also, the OP said he couldn't even ping the router, IIRC.

acropolis11

@JKnott @lburr Nah guys I have a pfsense router connected to the internet then on
LAN - I Have an ISP provided router - This Assignment has a static ip of 192.168.1.1
OPT - I have my PC - This assignment has a static ip of 192.168.10.1

My PC = 192.168.10.100
My Router connected to the PFSENSE = 192.168.1.100

My PC can ping both assignment static IPs i believe they are called gateways (192.168.1.1 and 192.168.10.1)

Hope this clears things up

Thanks

jahonix

@jknott said in PfSense Box cant ping LAN:

According to the sketch...

What sketch? I only see a mess of 3-lines ASCII.

Useful ASCII sketches are prepared for copy&paste here: https://forum.netgate.com/topic/19017/netzwerk-diagramme-zum-einfügen-in-eigene-posts
Don't worry it being the German part of this forum. The beauty of a sketch is that it's universal to understand.

lburr

@jahonix I'm glad I wasn't the only one confused by his sketch, using a sketch like your link shows is way easier to understand.

stephenw10

How are you testing this ping and what's the actual returned error?

pfSense should always be able to ping those as it has interfaces in each subnet. You would have to try quite hard to block that with firewall rules.

Steve

johnpoz

@jahonix

That https://textik.com is slick as shit! Added to my toolbelt links. Thank!!!

That will make for some really nice ascii art network diagrams.

edit: here is another one like that http://asciiflow.com/

acropolis11

@stephenw10 i have ssh'd into the pfsense box and ping my PC the only "error" message i get is that all packets are lost
i have the allow all firewall rules up
im am pretty new to this so im not sure as to the process of scoputing the problem
thanks for the help so far guys been going at this for a while

johnpoz

What is this downstream router you have attached to pfsense? Which you have this other network connected to. If its in your 192.168.1 network then you have a asymmetrical problem that will happen for sure on the return traffic from devices in the 192.168.10 network.

If you have a router/L3 switch doing routing connected to pfsense via opt interface then the network should be a transit network. Not your normal lan network with devices on it.

JeGr

@johnpoz said in PfSense Box cant ping LAN:

@jahonix

That https://textik.com is slick as shit! Added to my toolbelt links. Thank!!!

That will make for some really nice ascii art network diagrams.

edit: here is another one like that http://asciiflow.com/

I had ASCIIflow in that german support topic as well, but after trying both, it certainly lacks a few functions compared to textik. Textik handles links/lines between boxes and they stay linked/sticky whereas asciiflow doesn't have some sort of linking functionality :)