Netgate Discussion Forum

PROBLEM HITTING HOST

  • X
    xlameee
    last edited by xlameee Dec 10, 2018, 9:33 PM Dec 10, 2018, 11:31 AM

    Hello

    I have run into a confusion

    I have interface "SERVERS"
    VLAN 12
    VIP IP 10.12.12.1
    MASTER : 10.12.12.2
    BACKUP : 10.12.12.3

    and

    Interface "STORAGE"
    VLAN 70
    VIP IP 10.72.70.1
    MASTER : 10.72.70.2
    BACKUP : 10.72.70.3

    RULES ON SERVERS interface are ANY TO ANY
    RULES ON THE STORAGE interface are PASS ICMP from STORAGE NET to any
    and REJECT STORAGE NET TO ANY just for logging

    When I tried to ping a host, let's say 10.72.70.4, I got a timeout,
    but I can ping the VIP and the active firewall in the HA cluster.

    I can't seem to be able to go past the gateway of the STORAGE interface from any interface.

    I should be missing something very simple in that puzzle :)

    Thank you

    EDIT: I just turned on DHCP on this interface and the host got an IP address and I can manage it from this interface, but when I go to a static IP the IP does not show in an nmap -sP request.
    Sorry, I forgot to say that on my STORAGE interface I have only a FreeNAS installed.

    OK, I used the pfSense diagnostics tools to ping that host. When I try from STORAGE as the source address there is no problem, but from any other interface I get a timeout.
    It is showing in the ARP table, but why I can't get to this interface from any other I don't get; they all have an ANY TO ANY rule.

    ?????????????????

    Only when this host gets its IP from DHCP is everything working fine.

    • X
      xlameee @xlameee
      last edited by Dec 11, 2018, 10:40 AM

      ANYONE????????

      • G
        Gertjan
        last edited by Dec 11, 2018, 3:22 PM

        Nope.
        It's still a puzzle.
        Add a network schema. Interface names, firewall rules, settings. Everything you took from default.
        Something to work with.

        No "help me" PM's please. Use the forum, the community will thank you.
        Edit : and where are the logs ??

        • X
          xlameee @Gertjan
          last edited by Dec 11, 2018, 9:05 PM

          @gertjan hello

          I took from default a lot.

          RULES : for STORAGE INTERFACE Reject ANY TO ANY just for logging
          and PASS ICMP from STORAGE Net to ANY

          RULES FOR SERVERS Interface PASS SERVERS Net TO ANY

          This is a downstream network. The FreeNAS is connected to an upstream network, 192.168.10.0/24; the gateway and DNS servers are set to an upstream network, 192.168.10.1/24.

          The WebGUI IPv4 address is set to 0.0.0.0, which means I can manage the WebGUI from any interface, or I should be able to do so.

          The STORAGE interface on the FreeNAS is pointed to a downstream network, 10.72.70.0/27, to provide an SMB share for all downstream networks.

          What I was trying to do is start managing it from the downstream network 10.72.70.0/27, because I am going to remove it from the upstream network.

          I called it the upstream network, but it is actually my old 1Gb network; I am moving to a 40Gb one and I am transferring all hosts to my new network.

          What else puzzles me: the host can ping the upstream network but not the other one.

          Thank you
