[solved] Routing Question (me=confused :)



  • Strangely I have no WLAN<->LAN connectivity (ping) and am looking for help with my routing setup.

    
                 __________________            __________________________
    Internet –- |DSL Router       | ------- | re1     pfsense      re0 | ----------     LAN
                 |          .4.251 |         | .4.254            .1.254 |                .1.0/24 and 
                 |_________________|         |          re2             |                .2.0/24 via .1.200
                                             |________ .3.254 __________|
                                                          |
                                                    WLAN .3.0/24
    
    

    DNS Servers are .4.251 (obviously the DSL Router) and .1.2 (a Windows Server in the LAN)
    What Routes should I have to make this setup work? Currently the firewall is set to "Accept all", so that can't be a problem. I have the .4.251 as the default gateway - is this correct?

    
    # netstat -r
    Routing tables
    
    Internet:
    Destination        Gateway            Flags    Refs      Use  Netif Expire
    default            192.168.4.251      UGS         1      562    re1
    localhost          localhost          UH          0        0    lo0
    192.168.1.0        link#1             UCS         0        0    re0
    server1            00:08:54:41:21:6e  UHLW        1       11    re0   1205
    server5            00:30:48:8f:56:af  UHLW        1      626    re0   1139
    server9            da:16:3e:00:00:09  UHLW        1       10    re0   1084
    pc-12002           00:30:05:9a:2b:69  UHLW        1        0    re0   1134
    192.168.2.0        192.168.1.200      UGS         0        0    re0
    192.168.3.0        link#3             UC          0        0    re2
    192.168.4.0        link#2             UC          0       40    re1
    
    
    
    Interfaces:
    "WLAN" [static]                 re2     .4.254/24      Gateway .4.251
    "WAN"  [static]                 re1     .3.254/24      Gateway [blank]
    "LAN"  [bridge=none]            re0     .1.254/24
    
    Static Routes:
    Interface: LAN      Network 192.168.2.0/24     Gateway 192.168.1.200
    
    NAT:
    Port Forward:        [empty]
    1:1                  [empty]
    Outbound:            (x) Automatic outbound NAT rule generation
    
    

    Hmm - while writing this I suspect the NAT to be the problem… What do you think?

    Thanks for your replies,
    nerbas.



  • pfSense is a firewall. The developers don't know what traffic should be allowed between interfaces so take the "secure" option - don't allow it.

    Have you added a firewall rule on the WLAN interface (re2) to allow traffic between WLAN and LAN? (I'm not sure exactly what you mean by the firewall is set to "Accept all".)

    How do systems on the wireless LAN know to use .3.254 as the gateway?

    Does DNS work on the WLAN systems? (e.g. do you get different results from 'ping by IP address' and 'ping by hostname')



  • Thanks for your reply, wallabybob!

    pfSense is a firewall. The developers don't know what traffic should be allowed between interfaces so take the "secure" option - don't allow it.

    :) I will, of course - as soon as the basic functionality works well. To be sure that the firewall options don't cause my described problems I simply set them to allow anything and everything.

    Have you added a firewall rule on the WLAN interface (re2) to allow traffic between WLAN and LAN? (I'm not sure exactly what you mean by the firewall is set to "Accept all".)

    There is one rule on every interface: Pass * * * * *

    How do systems on the wireless LAN know to use .3.254 as the gateway?

    Doesn't matter if they get it by DHCP or get configured by hand: my problem stays the same.

    Does DNS work on the WLAN systems? (e.g. do you get different results from 'ping by IP address' and 'ping by hostname')

    Does that matter? Even the 'ping by IP address' does not work!



  • @nerbas:

    Thanks for your reply, wallabybob!

    You're welcome.

    How do systems on the wireless LAN know to use .3.254 as the gateway?

    Doesn't matter if they get it by DHCP or get configured by hand: my problem stays the same.

    OK, systems should have an appropriate default route.

    Does DNS work on the WLAN systems? (e.g. do you get different results from 'ping by IP address' and 'ping by hostname')

    Does that matter? Even the 'ping by IP address' does not work!

    If you had different results from 'ping by ip address' and 'ping by hostname' it would suggest a possible DNS issue.

    Let's get some more details:
    From WLAN, does ping to a system in the 1.x subnet get a response? How about to the 2.x subnet?
    From the 1.x subnet, does a ping to a 3.x system get a response?
    From the 2.x subnet, does a ping to a 3.x system get a response?

    You suggest you get the same result using 'ping by IP address' and 'ping by hostname' which suggests you have connectivity to your local DNS server .1.2 (else who supplies the translation from hostname to ip address for the 'ping by hostname' attempt?). Do you get a ping response from the local DNS server? If not, is it configured to ignore pings?



  • From the 1.x subnet, does a ping to a 3.x system get a response?

    oooooh bugger :D Thank you! This was exactly the problem. I didn't have a default route back into the .3 subnet - stupid me. The pfsense box was configured ok, but on the .1 client there was a different default gateway which didn't know anything about the .3 subnet.

    Thanks again! Works now :)
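
The root cause found in the last post, as an added example that is not part of the original thread: the pfSense table from the first post is modeled next to a LAN client whose default gateway is a second router with no route to 192.168.3.0/24, and the ping request and reply are traced separately. The host addresses, the second gateway's address 192.168.1.1 and the static route in `FIXED` (one possible repair) are assumptions, not values from the thread.

```python
import ipaddress

# Routers own several addresses; hosts are named by their own IP.
# 192.168.1.1 ("other-gw") and both host addresses are constructed.
OWNER = {"192.168.1.254": "pfsense", "192.168.3.254": "pfsense",
         "192.168.1.1": "other-gw"}
WLAN_HOST, LAN_HOST = "192.168.3.10", "192.168.1.50"

def lookup(table, dst):
    """Longest-prefix match; returns the next hop, "direct", or None."""
    addr, best = ipaddress.ip_address(dst), None
    for prefix, hop in table:
        net = ipaddress.ip_network(prefix)
        if addr in net and (best is None or net.prefixlen > best[0].prefixlen):
            best = (net, hop)
    return best[1] if best else None

def trace(tables, src, dst):
    """Follow next hops from src; returns (path, outcome)."""
    node, path = src, [src]
    for _ in range(8):  # hop limit guards against routing loops
        hop = lookup(tables[node], dst)
        if hop is None:
            return path, "no route"
        if hop == "direct":
            return path + [dst], "delivered"
        node = OWNER.get(hop)
        if node is None:
            return path + [hop], "left modeled network"
        path.append(node)
    return path, "loop"

def build(lan_host_routes):
    return {
        # pfSense table as shown by netstat -r in the first post
        "pfsense": [("0.0.0.0/0", "192.168.4.251"), ("192.168.1.0/24", "direct"),
                    ("192.168.2.0/24", "192.168.1.200"),
                    ("192.168.3.0/24", "direct"), ("192.168.4.0/24", "direct")],
        "other-gw": [("192.168.1.0/24", "direct")],  # assumed: no route to .3
        WLAN_HOST: [("192.168.3.0/24", "direct"), ("0.0.0.0/0", "192.168.3.254")],
        LAN_HOST: lan_host_routes,
    }

BROKEN = [("192.168.1.0/24", "direct"), ("0.0.0.0/0", "192.168.1.1")]
FIXED = BROKEN + [("192.168.3.0/24", "192.168.1.254")]  # static route via pfSense

if __name__ == "__main__":
    for name, routes in (("broken", BROKEN), ("fixed", FIXED)):
        t = build(routes)
        print(name, trace(t, WLAN_HOST, LAN_HOST), trace(t, LAN_HOST, WLAN_HOST))
```

In the broken case the request is delivered and only the reply is lost, which is why the pfSense routing table and rules looked correct while pings still failed.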

