Pfsense ping
-
Hoi,
Ik heb Pfsense opgezet en kan vanuit de Pfsense naar buiten en de lokale stations pingen maar vanuit de lokale stations kan ik de Pfsense niet bereiken.
Wan = 100.64.0.188 /16
Lan = 100.64.27.222 /16Thanks in advance
-
Your WAN and LAN networks overlap.
Why are you using public IP space for LAN and not RFC1918?
You really have a public /16 from your ISP?Sorry to answer in english, didn't notice this is the Nederlands section but was able to read your problem (I think).
-Rico
-
100.64 is cgnat range 100.64/10
But yeah such a setup would never work.. I don't see how pfsense would of allowed you to create that even. So wan must be dhcp? And they hand out a /16?
-
Hi Thanks for your answer the wan connection is deliverd by a Cisco Meraki router through dhcp They have setup the subnet mask /16 so 255.255.0.0
Asi well wan as the lan are in the same subnet is that a problem ?
Greetings
-
Yeah you can not have overlapping networks on wan and lan and expect for routing to work ;)
Who exactly setup 100.64/16 to be handed to your pfsense? That is just horrible horrible choice.. I could see using cgnat range.. But what do they have like 65k clients connected to the same L2?
For your pfsense lan use one of the normal rfc1918 address blocks, 10/8, 172.16/12, 192.168/16 with the appropriate sized mask for the number of clients you will have on your network.. A /24 normally would work, unless you have more than 250 clients? Or plan on growing past that number really soon..
-
Hi John,
It is not my choice to use a mask of 16 it’s Being handled by a Cisco Meraki wich i have no controle over.
The Reading the Reason why they us a mask of 16 is not clear to me they have About 20 to 40 workstations so its alot of overkill but again i have no control the only thing i can do is to place a router after the Cisco and let it gIve out a normal range /24Thank you for your help
