Netgate Discussion Forum

    After router replacement, 2nd server NIC stops working

      repetty1

      Server with 2 NICs (1 for internal use and 1 for public-facing servers).

      Running pfSense 25.11.1-RELEASE

      The last few months, I've been rejiggering parts of my home network, moving from a plain Debian server to TrueNAS, setting up Docker-based services, etc.

      I was running Immich in Docker in TrueNAS. HAProxy was handling forwarding external connections to it on the "public" NIC, with a Let's Encrypt cert.

      When I was still running Debian instead of TrueNAS, I had two Apache web sites running inside of a virtual machine and they were serving just fine from the "public" interface.

      Everything was running perfectly but my old router failed. I bought a new one and restored from a saved config file.

      Original Router: little 2-port SG-2220
      New Router: little 5-port SG-2100

      TrueNAS private internal interface: 10.10.20.10
      TrueNAS public external interface: 10.10.50.10

      Public VLAN gateway of 10.10.50.1 is pingable from my infrastructure network of 192.168.0

      nmap 192.168.0.1 (pfSense)
      PORT STATE SERVICE
      22/tcp open ssh
      53/tcp open domain
      443/tcp open https
      8443/tcp open https-alt (pfSense)

      nmap 10.10.50.1 (gateway of public VLAN)
      PORT STATE SERVICE
      22/tcp open ssh
      53/tcp open domain
      8443/tcp open https-alt (pfSense)

      Obvious security problem here, which I will address later.

      I have 6 VLANs defined and they work fine on the new router. Also, internal web sites (pfSense, TrueNAS, WAP) work okay. HAProxy is forwarding the traffic and providing encryption with no trouble.

      My problem is that I cannot access servers running in Docker on the "public" interface. When I turn on HAProxy health check, it says that the server is not running but it is.

      Could be a problem with the new router's built-in network switch, which the old router did not have. Currently, the switch in the new router is running as a dumb switch (no VLANs configured). I think that is basically what the old router's single LAN NIC was doing.

      I really don't think that the new router's built-in switch is the problem. If it was, I'd have other VLAN-related problems, which I don't.

      I feel like I must be overlooking something obvious.

      Copyright 2026 Rubicon Communications LLC (Netgate). All rights reserved.