Routing between WAN and LAN, OPT1 Interface



  • Hello,
    I have some problem with routing inside my pfsense box.

    My configuration:
    *** Welcome to pfSense 2.4.4-RELEASE-p1 (amd64) on pfSense ***

    WAN (wan) -> igb0 -> v4: 192.168.99.2/24
    LAN (lan) -> igb1 -> v4: 192.168.98.1/24
    OPT1 (opt1) -> igb2 -> v4: 192.168.44.1/24

    [2.4.4-RELEASE][admin@pfSense.localdomain]/root: netstat -rn
    Routing tables

    Internet:
    Destination Gateway Flags Netif Expire
    default 192.168.99.1 UGS igb0
    10.0.8.0/24 10.0.8.2 UGS ovpns1
    10.0.8.1 link#8 UHS lo0
    10.0.8.2 link#8 UH ovpns1
    127.0.0.1 link#5 UH lo0
    192.168.11.0/24 192.168.98.2 UGS igb1
    192.168.12.0/24 192.168.98.2 UGS igb1
    192.168.44.0/24 link#3 U igb2
    192.168.44.1 link#3 UHS lo0
    192.168.98.0/24 link#2 U igb1
    192.168.98.1 link#2 UHS lo0
    192.168.99.0/24 link#1 U igb0
    192.168.99.2 link#1 UHS lo0

    Internet6:
    Destination Gateway Flags Netif Expire
    ::1 link#5 UH lo0
    fe80::%igb0/64 link#1 U igb0
    fe80::20d:b9ff:fe49:1580%igb0 link#1 UHS lo0
    fe80::%igb1/64 link#2 U igb1
    fe80::20d:b9ff:fe49:1581%igb1 link#2 UHS lo0
    fe80::%igb2/64 link#3 U igb2
    fe80::20d:b9ff:fe49:1582%igb2 link#3 UHS lo0
    fe80::%lo0/64 link#5 U lo0
    fe80::1%lo0 link#5 UHS lo0
    fe80::20d:b9ff:fe49:1580%ovpns1 link#8 UHS lo0
    fe80::%ovpnc2/64 link#9 U ovpnc2
    fe80::20d:b9ff:fe49:1580%ovpnc2 link#9 UHS lo0

    ISP Router IP: 192.168.99.1

    Whan I log into my pfsense box and make a traceroute with source ip of the WAN Interface to an IP behindd the LAN Interface it is routed to my ISP Router and not to the LAN Interface.

    traceroute -I -s 192.168.99.2 192.168.98.2
    traceroute to 192.168.98.2 (192.168.98.2) from 192.168.99.2, 64 hops max, 48 byte packets
    1 192.168.99.1 (192.168.99.1) 0.743 ms 0.478 ms 0.464 ms
    2 *^C

    Same happens whean I try to traceroute to an IP Adress behind the OPT1 Interface.

    2.4.4-RELEASE][admin@pfSense.localdomain]/root: traceroute -I -s 192.168.99.2 192.168.44.2
    traceroute to 192.168.44.2 (192.168.44.2) from 192.168.99.2, 64 hops max, 48 byte packets
    1 192.168.99.1 (192.168.99.1) 0.826 ms 0.731 ms 0.516 ms
    2 *^C

    Is there something to configure to get it working ?

    Thanks in advance
    DerBorbecker



  • @derborbecker said in Routing between WAN and LAN, OPT1 Interface:

    Whan I log into my pfsense box and make a traceroute with source ip of the WAN Interface to an IP behindd the LAN Interface it is routed to my ISP Router and not to the LAN Interface.

    Your ISP Router should be in front of your WAN interface = upstream.
    Your tarceroute goes the other way = down stream.



  • Hello there! May you double check that the routing entry "192.168.44.0/24" is still presented in the IP routing table after performing a "traceroute" command?

    Thanks



  • @derborbecker said in Routing between WAN and LAN, OPT1 Interface:

    traceroute -I -s 192.168.99.2 192.168.44.2

    The routing table is unchanged after the traceroute commend.

    I don't understand why the static route to 192.168.44.0/24 Network is ignored, when I specify the WAN Interface as Source Address.



  • WAN as as source (starting pint) , and you're going in.
    The firewall isn't just doing what it is ought to do ?


Log in to reply