Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Simplest WAN static route not working

    Routing and Multi WAN
    2
    3
    853
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • A
      aaaskew
      last edited by

      I am trying to setup the simplest of static routes on the WAN interface without success. Based on packet capture from pfSense, a Ping sent from pfSense to a static route IP still gets sent to WAN default gateway MAC address. Tried pfSense 2.6.0 and 2.7.0.a.20220320.0600.

      Setup:

      • WAN 10.1.18.2/24 Default Gateway 10.1.18.1

      • Default Gateway IPv4 WANGW

      • OtherGW 10.1.18.100

      • Static route 192.168.50.0/24 Gateway OtherGW - 10.1.18.100

      • WAN Interface private network not blocked

      • Ping from pfSense does not go through

      • Used pfSense Diagnostic Packet Capture and Wireshark

      • Checked pfSense ARP table - It does know both gateway MAC addresses

      • Checked pfSense Route Table - Static route present and correct

      This is a fresh install test on a VM so no other settings changed. The fact that Ping and Traceroute show packets going to the wrong WAN gateway means this is not a firewall issue but purely a routing issue I believe.

      Anyone have any ideas or should I raise a bug ticket in Redmine?

      johnpozJ 1 Reply Last reply Reply Quote 0
      • johnpozJ
        johnpoz LAYER 8 Global Moderator @aaaskew
        last edited by

        @aaaskew said in Simplest WAN static route not working:

        The fact that Ping and Traceroute show packets going to the wrong WAN gateway means this is not a

        Where are you pinging from? Are you using a policy route? a firewall rule that has a gateway set on it.

        Lets see pfsense routing table..

        An intelligent man is sometimes forced to be drunk to spend time with his fools
        If you get confused: Listen to the Music Play
        Please don't Chat/PM me for help, unless mod related
        SG-4860 24.11 | Lab VMs 2.7.2, 24.11

        A 1 Reply Last reply Reply Quote 0
        • A
          aaaskew @johnpoz
          last edited by

          @johnpoz Many thanks for the reply.

          • I am pinging from the web interface of the pfSense itself so I expect the packet to be generated for the WAN interface directly, although I have also tried from a PC on the LAN interface, I wanted to simplify the issue as much as possible.
          • As mentioned, this is a fresh install with as little as possible changed to demonstrate the problem. No WAN firewall rules, no NAT rules, only the default LAN firewall rules that are not policy routed as I did not change any of their configuration options.

          I will attach some screenshots with my routed network hidden although I guarantee it is not the same or overlapping with the WAN or LAN subnets.

          1. The Ping: pfsense_ping.png

          2. The ARP table: pfsense_arp.png

          3. The route table: pfsense_routes.png

          4. The captured ping packet going to the default route MAC address rather than the OtherGW MAC address: pfsense_wireshark.png

          1 Reply Last reply Reply Quote 0
          • First post
            Last post
          Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.