Remote subnet routing

  • Hi!
    I have a problem connecting to a remote subnet:

    Setup is as follows:

    We have a transfer network set up between our premises, local and remote. It's transparent, physical and reserved for only this use. The production and the office networks are kept separate, and on separate physical interfaces. The bridge for the production interfaces ixl0 and ixl1 is done in pfSense. There is a floating quick rule allowing all traffic on interfaces ixl0, ixl1, ixl5 and the virtual bridge interface, and no other rules. ixl5 is set as a gateway, and static route is set to via this gateway. I would need the workstations on local production network to be able to communicate to the DNS and the production servers on the remote production network.

    2 problems:

    • On local pfSense, I can ping to the remote firewall on its interface, but not able to ping to the destination address

    • On the production workstation A (Win10) I can ping, but cannot ping to On workstation there is a route set as follows: "route add". Cannot ping to either, but that's obvious as there's no need to have a route to the transfer network, but only to destination, is it?

    The remote site is double-checked, and the firewall (Palo Alto I assume) should be configured correctly to allow ICMP and the other protocols needed, including routing.

    Can you find something in the local setup which is wrong and I'm not getting it? I would not need to NAT anything, would I?

    Many thanks in advance.
