Static route in LAN –-- LAN to access a printer
-
Hello ALL,
I have pretty simple situation that I can not handle. Here is scenario
WAN –----Pfsense---------switch--------WRT54G---------Printer
LAN1 LAN2Pfsense: GT 192.168.100.1 LAN 192.168.100.100-192.168.100.120
WR54G GT 192.168.1.1 LAN 192.168.1.100-192.168.1.120
WRT54G has WAN IP assigned by DHCP from PFSENSE 192.168.100.116
Printer has IP 192.168.1.115
After adding static route to pf still can't access PRINTER from DEsktop IP 192.168.100.120
Route added to pfsense:
Interface: LAN
Destination Network: 192.168.1.0/24
Gateway: 192.168.1.1I know I am doing something wrong. WRT54G shouldn't have gateway of 192.168.100.1 of pf?
Please advice. THX
-
Layout looks like this
 -
Additionally to creating the static route, you also need to configure your WRT54G correctly.
Is a firewall running on it?
Are you doing NAT? -
Yes,
FW is off on WRT54G. Do I need NAT for the printer? I think NAT is necessary for service like MSRDP
3389 TCP etc…. then yes I do, but for a printer I think I need a driver installed on the desktop and that's all for my network printer. -
Either you route and need the static route, or you NAT.
Can you disable the NAT? Then you could simply work with the static route.
If you cannot disable NAT, you need to work with a portforward to the printer.
You then dont need the static route since you will never access the printer via it's real IP, but via the IP of the WRT54G and the port forward. -
You mean NAT on WRT54 - right? yes I think I can disable NAT on WRT54G. So then I should be able use real IP of the printer 192.168.1.X - right?
THX
-
Yes.
Also make sure all devices behind the WRT54G use it as default gateway, and the WRT54G uses the pfSense as default gateway. -
OK I have changed the default gateway on WRT54G from 192.168.1.1 to 192.168.100.1 that is pfsense gateway and looks like I don't have DNS. If manually add dns server as 192.168.100.1 to WRT54G still no have internet …... is there anything that I have to add on pfsense besides static route to WRT54G?
Thank You
-
Did you create a firewall rule on the pfSense allowing the 192.168.1.0/24 subnet?
Per default only the LAN subnet (in your case 192.168.100.0/24) is allowed. -
If WRT54G and all devices should have pf gateway that is 192.168.100.1 so the STATIC ROUTE on pf should be like:
Interface: LAN
Destination Network: 192.168.1.0/24
Gateway: 192.168.100.1NOT like now:
Interface: LAN
Destination Network: 192.168.1.0/24
Gateway: 192.168.1.1 -
Sorry but it is obvious by now that you dont have a clue about routing.
May i suggest that you buy a book about routing, or ask someone that knows more.
Taking a class in basic networking at your local university might help as well.The numbers below are out of your diagram.
1: Clients behind the WRT54G (including the printer) need to have as default gateway the IP of the WRT54G on it's LAN side.
–> pool of 192.168.1.0/24, with WRT54G as 192.168.1.1, default gateway of all clients has to be 192.168.1.1.2: The WRT54G needs to have as default gateway the pfSense (which is on it's WAN).
--> WRT54G-WAN: 192.168.100.116 --> Default gateway of the WRT54G: 192.168.100.13: On the pfSense you create a static route for the subnet behind the WRT54G pointing to the IP of the WRT43G on it's WAN side.
--> Static route: 192.168.1.0/24 to 192.168.100.116 -
This is exactly how everything is configured and still no luck…... I will take a look into log files.
Finally, I can try a shoot with NAT if static route does not work. But this is very simple example with no additional configuration so I don't know why it does not work.
What I have noticed that I have 2 identical NIC cards installed and only one is in use but pfsense shows them both UP. The other one should be down as it does not have interface configured.
"Sorry but it is obvious by now that you dont have a clue about routing." - yeaa I have been fallowing 6 simple academic examples with static routes and none of them works + your GruensFroeschli and I am very appreciate for that. What I did I set up 2 Linksys DD-WRT V24 and static route works with that printer. The same settings were done between PFSENSE and WRT54G and no luck. I don't know what additional info can give in order to resolve that problem. I need software like pfsense becasue it has more functions that I can use. DD-WRT does not have them :(
Regards, MST
One more time thank you for your help.
-
Did you make sure the option "Bypass firewall rules for traffic on the same interface" under "system –> advanced" is enabled?
-
After enabling "Bypass firewall rules for traffic on the same interface" under "system –> advanced" ping to network 192.168.1.x was successful.
Case resolved. Thank You GruensFroeschli for a great support and your time.
Have a Nice Day!!!
