Routing between VLANs and subnets on an SG-1100



  • Hello,
    I am new to pfSense and I'm trying to get the SG-1100 routing traffic between the LAN and OPT networks.
    At this time, I have completed the setup wizard with mostly default settings and the LAN network is working perfectly running on 172.16.1.0/24 and providing DHCP.

    I then enabled the OPT interface and assigned it to 172.16.2.1/24 and set up DHCP along with a wide open firewall rule allowing any protocol to leave that network on any port.

    Both networks are working independently and allowing hosts to reach the internet.

    As expected, a host on 172.16.2.0/24 (OPT net) cannot reach a host on 172.16.1.0/24 (LAN net) and vice versa. This is what I would like to change. 172.16.2.2 is a managed switch that I would like to be able to access from the 172.16.1.0/24 network for administration purposes.

    I have tried entering firewall rules that allow all protocols on all ports from the LAN net to the OPT net on both interfaces and from the OPT net to the LAN net on both interfaces.

    I can ping the 172.16.2.1 (OPT) interface on the SG-1100 from a host on the 172.16.1.0/24 network.
    I can ping the managed switch on 172.16.2.2 from the 'ping' diagnostic page in the web interface, as long as I send the ping from the 172.16.2.1 (OPT) interface.

    I cannot ping the 172.16.2.2 switch from a host on the 172.16.1.0/24 network.
    I cannot ping the 172.16.2.2 switch from the LAN interface in the 'ping' diagnostic page in the web interface.
    What am I doing wrong?

