Green network (Mgmt) cannot talk out to Internet
-
I have been running pfSense for a number of years. I am totally stuck on this one. Please bear with me as it probably illustrates my lack of knowledge but after reading and working I'm still stuck.
Problem Summary: Green network cannot talk out to Internet
Environment:
pfSense 2.4.4-RELEASE-p3
(Red) WAN x.x.x.85 - GW Opt3 - x.x.x.81
(Orange) LAN1 y.x.x.226
(Green) Mgmt 192.168.6.7 - GW Opt1 - 192.168.6.254Detailed Description: I have 12+ servers on my pfSense firewall. I have a range of public IP addresses. To date, each server has an Orange interface and a green Interface. Each Orange interface has one or more public IP's assigned to it (ie y.x.x.x) and a Green interface (ie 192.168.6.x). Each go to their own respective switches and tie to pfSense. So everything has had a 1:1 tie to a public IP address.
There are some servers that do not need a public IP - they interact only on the Green network between servers. However, they do need to talk out to the Internet for REST API calls, etc. I would like to drop the Orange (public) IP for these servers and just have them on the Green. But Green does not talk out to the Internet.
Under Firewall...NAT...Outbound I selected "Hybrid Outbound NAT" and I've added one additional Mapping for "192.168.6.0/24" for Any.
On a server (Linux) I do:
route del default
route add default gw 192.168.6.254 enp129s0f1then if I do a route command it hangs for an extended period and gives me the following:
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
default gateway 0.0.0.0 UG 0 0 0 enp129s0f1
link-local 0.0.0.0 255.255.0.0 U 1009 0 0 enp129s0f1
192.168.6.0 0.0.0.0 255.255.255.0 U 0 0 0 enp129s0f1I cannot ping 192.168.6.254 or x.x.x.85
So I did the following:
route del default
route add default gw 192.168.6.7 enp129s0f1The route command still hangs for a while and displays the same as before.
I can ping 192.168.6.7 and x.x.x.85
I can not ping 8.8.8.8 or any other outside IP addressAny help in getting this to work would be greatly appreciated.