Netgate Discussion Forum

    Cannot ping OPT1 interface between two pfSense boxes.

    Firewalling
      itsacademic

      Here's my setup, which I intend to install CARP on when I have them communicating correctly.

      Two Dell PowerEdge 1850 machines with one of the Broadcom NICs turned off (I was plagued with Network Interface Mismatch errors when both were turned on. I think there is something buggy here as I've never seen a response in the forums that overcomes this issue reliably when using multiple NICs from the same manufacturer). In each machine I have added an Intel NIC & a 3COM NIC.

      em0 (onboard Broadcom) is assigned to the LAN with 192.168.90.2/24 in the first box & 192.168.90.3/24 in the second (these will be virtualized to 192.168.90.1 later for CARP)
      fxp0 (Intel) is assigned to the WAN with Static addresses at 192.168.17.2/24 and 192.168.17.3/24 respectively (again later to be virtualized for CARP)
      el0 (3com) is assigned to the OPT1 interface, which I have renamed to SYNC on each box. One box has the address 192.168.0.2/24 & the other 192.168.0.3/24. Both interfaces are enabled.

      On each box I have created a Firewall rule for the SYNC interface that passes all traffic any protocol everywhere i.e. all * in the Proto, Source, Port, Destination, Port, Gateway boxes. I then hooked the two SYNC interfaces together by a crossover cable. Status/Interfaces shows both SYNC interfaces are UP. Diagnostics/Routes shows what I think is correct, i.e.:

      192.168.0.0/24  link#1    UC    0    0    1500  xl0

      So I thought that with the firewall rules created, the route table looking fine & the interfaces connected by a crossover cable I should be able to ping the other machine's SYNC interface from Diagnostics/Ping, but no dice, I get:

      Ping 192.168.0.2 (192.168.0.2) from 192.168.0.3 :56 data bytes
      --- 192.168.0.2 ping statistics ---
      3 packets transmitted, 0 packets received, 100% packet loss.

      I know I must have missed something, but no matter how many times I go over it I cannot see my mistake, which there must be.

      Can anyone help me see the error of my ways?

      Thanks,
      --Nick.

        itsacademic

        Please ignore my ramblings. It was a state issue.

        --Nick.

        Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.