Trouble with two internal LANs and routing between

  • Hello all,

    Bear with me, I'm new to the Netgate interface. I have a NG7100 that we are going to be implementing to replace a very old firewall. I am currently having an issue attempting to route between two segregated LANs in our deployment.

    WAN: Public IP coming from a core router

    Current setup:
    ETH2 IP (gateway for LAN traffic on 3.0/21)
    ETH2 VIP Alias (GW lives on another router)
    Created a gateway in "routing" for
    Created rules in the firewall for > AND >

    This set of rules does not allow a client on to ping

    I then tried to create a static route for to the gateway. Pings then return an expired TTL value, meaning I have inadvertently created a loop somewhere in my routing.

    Can someone please explain to me what I've botched here? I understand this is probably more of a routing question than a Netgate question, but how do you learn if you don't ask, right?
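To make the "expired TTL means a loop" reasoning concrete, here is an added simulation (example code, not from the thread or from Netgate) of a constructed two-router topology: the firewall holds a static route for the second LAN via the other router, while that router's default route points back at the firewall. Router names and RFC 5737 documentation addresses are placeholders, not the poster's real subnets.

```python
import ipaddress
from copy import deepcopy

# Constructed topology modelling the symptom in the post: "ng7100" carries a
# static route for LAN B via "other", and "other" only has a default route
# back to "ng7100". Addresses are documentation ranges, not the real ones.
LOOPED = {
    "ng7100": {
        "connected": ["192.0.2.0/24"],                # LAN A directly on ETH2
        "routes": [("198.51.100.0/24", "other"),       # static route: LAN B via other router
                   ("0.0.0.0/0", "wan")],
    },
    "other": {
        "connected": ["203.0.113.0/24"],              # LAN B is NOT actually attached here
        "routes": [("0.0.0.0/0", "ng7100")],           # so traffic bounces back: the loop
    },
}


def next_hop(topo, router, dst):
    """Longest-prefix match over connected networks and static routes.
    Returns 'deliver' for a directly connected destination, else the next-hop name."""
    d = ipaddress.ip_address(dst)
    candidates = [(ipaddress.ip_network(n), "deliver") for n in topo[router]["connected"]]
    candidates += [(ipaddress.ip_network(n), hop) for n, hop in topo[router]["routes"]]
    matches = [(n.prefixlen, hop) for n, hop in candidates if d in n]
    return max(matches)[1] if matches else None


def trace(topo, src_router, dst, ttl=8):
    """Forward a packet hop by hop, decrementing TTL at each router, as a real
    router would. Returns (outcome, path); a looping route ends in 'ttl-expired'."""
    path, cur = [src_router], src_router
    while ttl > 0:
        hop = next_hop(topo, cur, dst)
        if hop is None:
            return "no-route", path
        if hop == "deliver":
            return "delivered", path
        if hop not in topo:                  # e.g. "wan": leaves the modelled network
            return "exits", path + [hop]
        ttl -= 1
        cur = hop
        path.append(cur)
    return "ttl-expired", path


def fixed_topology():
    """Same topology with LAN B actually attached to the other router: the static
    route now points at a router that can deliver, so the loop disappears."""
    topo = deepcopy(LOOPED)
    topo["other"]["connected"].append("198.51.100.0/24")
    return topo
```

Running `trace(LOOPED, "ng7100", "198.51.100.10")` bounces between the two routers until the TTL hits zero, which is the behaviour behind the "expired TTL" ping replies; with `fixed_topology()` the same packet is delivered in two hops.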

  • @bascom_joshg
    So you have both subnets set up on a single interface?
    If you need more interfaces get a VLAN capable switch!

  • @viragomann
    All of the additional switch interfaces are available on the front of the NG except 1 and 2. I was reading through old forum posts and found where someone was able to resolve their routing issue by using a VIP in the Netgate, figured it wouldn't hurt for me to try the same thing.

    I'll go back to the separate interfaces approach and try to config again, but I feel like I'm missing something. I have a 3750 behind the Netgate, so I could VLAN it that way as well, but I would prefer not to, since the NG will be doing the routing anyway.