Unable to load webpage
-
Hi all! I have some problems with my setup. I'm trying to configure local access from LAN1-LAN2 in pfSense. Everything works fine except where I need to ping the local address first in the client device before I can access the destination's resources or services (ex. webpage, ping). Can someone help me with this? Thanks
-
You have to ping the pfSense interface address first?
That sounds like an ARP issue. Check Diag > ARP before and after pinging. See what gets added, if anything.
Steve
-
@stephenw10 said in Unable to load webpage:
You have to ping the pfSense interface address first?
yes and all other hosts belongs to that subnet.
@stephenw10 said in Unable to load webpage:
That sounds like an ARP issue. Check Diag > ARP before and after pinging. See what gets added, if anything.
Before ping, no entry from the target host. After ping, there is an entry.
-
Hmm, OK so you have to first ping anything you want to access?
Normally if a device has expired from the ARP table it will be renewed as soon as you try to connect to it using any protocol. So make sure that is not happening without pinging.
Another possibility here might be an asymmetric route of some kind. Do you have more than one router on either subnet? Or are any of those hosts multi-homed in both subnets?
-
Yes, the other subnet (which I'm trying to access) belongs to another router (which is also pfSense).
-
Ah OK. So how is the routing arranged here?
Hosts in LAN2 are using the other pfSense as their default route?
The other pfSense has a static route to LAN1 via the first pfSense?But this is almost certainly an asymmetric routing issue. You should remove that route if possible by adding a transport subnet between the two routers. If that's not possible then you can add rules to allow it:
https://docs.netgate.com/pfsense/en/latest/troubleshooting/asymmetric-routing.htmlSteve
-
@stephenw10 thank you. everything works fine now!