one big WAN multiple pfSense cannot see each other on WAN

uz890ed

I have a /25 WAN, where I have many pfsense VMs connecting to the internet, all of them getting their own public IPs.
some have only one IP, but one has 15 IPs and there are quite some with 2-4 public IPs.

my Issue now is, that I cannot connect via WAN between those pfSenses..
so pfsense 1 cannot reach anythign hosted on pfsense 2.

how do I fix this?

viragomann

@uz890ed said in one big WAN multiple pfSense cannot see each other on WAN:

so pfsense 1 cannot reach anythign hosted on pfsense 2.

So what is the exact IP configuration of both on WAN and LAN?
What are the firewall rules?

I expect, that traffic would flow if all is configured correctly.

uz890ed

@viragomann

one example:
1pfsense:
1 public IP -> NAT tcp port 443 -> internal host.

now I cannot access this page from another network (on another pfsense) having his WAN-Interface on the same WAN-subnet.

but I don't have any problems to connect to this page from anywhere else (mobile Network from my Smartphone for example)

viragomann

@uz890ed
Again, what is the exact network configuration of both devices?

Do you try to access it via IP or host name? If host name, how is it resolved?

uz890ed

This post is deleted!

uz890ed

@viragomann They both use the same Upstream Gateway and both have a different public IP on their WAN-Interface but are in the same /25 subnet.

I access via DNS and it resolves to the correct public IP.

viragomann

@uz890ed
The WAN IP is configured with the /25 mask on both?

I access via DNS and it resolves to the correct public IP.

To the proper WAN IP, you want to access?

If so and if the internal subnets are different, I'd expect, that it works.
Otherwise you have to provide some more details to get closer to the issue.

johnpoz

@uz890ed you sure your isp doesn't isolate these IPs?

If your pfsense are on the same wan.. Do you see the mac address of pfsense 1 from pfsense 2?

Or is the switch setup for private vlans that your pfsense wans are connected too.

Do a simple test, from pfsense 1 ping pfsense 2 wan IP.. Does pfsense 2 see this traffic (via sniff on its wan).. Do you see the mac address on pfsense 1 after you ping?

uz890ed

@viragomann it was resolved by itself. there was an issue on the ISP-side where I get the IPs from.