Default gateway, subnets, and gateway groups.
I'm facing a problem with subnets and gateway groups.
This is my scenario:
40 subnets class C /24
Each subnet corresponds to a VLAN
The routing between VLANs is done by pfSense
2 ISPs, both with static IPs
ISP 1 is the default gateway
One gateway group with failover ISP1=T1 ISP2=T2; same problem with load balance ISP1=T1 ISP2=T1
All 40 subnets work great and communicate with each other, as I allow it in FW rules, with the default gateway.
The problem arises when I change the default gateway to a gateway group; after that I cannot ping from any host in a subnet to any host in another subnet, but I can ping the default gateway of each subnet from any other subnet.
What am I missing?
Thanks and regards.
You need to set up rules to bypass policy routing for local traffic.
If your rules on a VLAN interface say "pass anything from this network to anywhere using <gateway group>" then that's what it's doing -- nothing is saying that it's OK to pass the local traffic without a gateway set.
So you need multiple rules, for example:
- Pass from this network to <all local networks> -- no gateway set (default)
- Pass from this network to any -- gateway set to your gateway group
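
The rule order from the answer above, modeled as an added example (not part of the original thread and not pfSense's own code): a simplified first-match evaluator that shows where inter-VLAN traffic is sent with only the policy-routing rule, with the bypass rule above it, and with the bypass rule placed too low. The 10.0.x.0/24 addressing and the `WAN_FAILOVER` group name are constructed for illustration.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional

# Constructed addressing: 40 VLANs, 10.0.0.0/24 through 10.0.39.0/24.
LOCAL_NETS = [ipaddress.ip_network(f"10.0.{i}.0/24") for i in range(40)]
ANY = [ipaddress.ip_network("0.0.0.0/0")]
GW_GROUP = "WAN_FAILOVER"  # hypothetical gateway group name


@dataclass
class Rule:
    descr: str
    src: ipaddress.IPv4Network
    dst: list                      # destination networks (like an alias)
    gateway: Optional[str] = None  # None = no gateway set, use the routing table


def route(rules, src, dst):
    """Return (rule description, forwarding decision) for the first matching rule."""
    s, d = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    for r in rules:  # interface rules are evaluated top-down, first match wins
        if s in r.src and any(d in n for n in r.dst):
            return r.descr, r.gateway or "routing table"
    return "default deny", "blocked"


vlan10 = LOCAL_NETS[10]
policy = Rule("policy route to any", vlan10, ANY, GW_GROUP)
bypass = Rule("bypass for local networks", vlan10, LOCAL_NETS)

before = [policy]               # only rule: everything forced to the gateway group
after = [bypass, policy]        # the two rules from the answer, in that order
wrong_order = [policy, bypass]  # bypass below the policy rule never matches

if __name__ == "__main__":
    for name, rs in (("before", before), ("after", after), ("wrong order", wrong_order)):
        print(f"{name:12} inter-VLAN -> {route(rs, '10.0.10.5', '10.0.20.7')}")
        print(f"{name:12} internet   -> {route(rs, '10.0.10.5', '198.51.100.9')}")
```
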