Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    1 WAN/Multiple LAN Subnet Routing problem???

    Scheduled Pinned Locked Moved General pfSense Questions
    3 Posts 2 Posters 2.6k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • T
      trini0
      last edited by

      I've known of pfsense for a long time, but today is the first time trying it out.
      I'm currently rebuilding my lab network, which used to consist of FreeBSD v7.2 as a firewall/router, and 2 Vyatta v4 routers.
      Everyone played nice, and things were great.
      I'm rebuilding the network using pfsense 1.2.2 and 1 Vyatta v5  router that sits on multiple networks.
      The network is basically the same as how it was built before, but for some reason, I cannot figure out why clients behind the router cannot ping the internet.

      Here is a simplified diagram of the network ->
      http://imagebin.ca/view/jPPqsh8.html

      The client PC can ping the vyatta router, can ping the firewall, but cannot ping the internet.
      I'm using the RIP protocol on both pfsense and vyatta to figure to out the routing.
      I do not remember if I did anything else special, but for some reason, I cannot get the clients to ping past the firewall.  I modified the firewall rules so that it doesn't block the internal LAN.

      I can ping the IP address of the modem, but cannot get to my ISP's gateway.
      I believe I have a routing issue.  Here is what my routing table looks like ->
      http://imagebin.ca/view/0_NovTpA.html

      Can anyone see what my problem is and suggest a fix.

      Thanks

      1 Reply Last reply Reply Quote 0
      • T
        trini0
        last edited by

        I figured out the problem.
        I turned off Automatic outbound NAT, and set an appropriate source range, and it automagically started working.
        Thanks for looking..

        1 Reply Last reply Reply Quote 0
        • GruensFroeschliG
          GruensFroeschli
          last edited by

          Hmm.
          Not sure why you have this behaviour.
          According to cmb:
          @http://forum.pfsense.org/index.php/topic:

          All locally connected subnets, whether locally attached or configured via static route automatically have outbound NAT rules created for every WAN interface. This is true in 1.2 RC versions and newer at least, probably some 1.2 beta releases prior to RC. I don't recall exactly when it was added but it's been that way for a while. You only need AON if you require static port or have some complex NAT needs requiring you to disable the aforementioned automatic behavior.

          the outbound NAT rule should automatically be created.
          Maybe it doesn't work automatically because the route is added via RIP.

          We do what we must, because we can.

          Asking questions the smart way: http://www.catb.org/esr/faqs/smart-questions.html

          1 Reply Last reply Reply Quote 0
          • First post
            Last post
          Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.