Can't ping different subnet…?



  • Ok so like I had a spare linksys router(BEFSR41 v4.1), and I connected a modem to that. I told the router to disable DHCP and run on 192.168.3.1/24
    Then on one of the lan ports, I connected that to a switch that conencts the two networks together(See next post for info)

    Now pfsense is running on 192.168.1.1/24

    I tried a laptop, I made it connect to my wireless access point of 192.168.1.245, and it got an ip of 192.168.1.115, which makes sense.
    Then I tried to ping 192.168.3.1 but could not recieve pings back. I changed the ip of the laptop to 192.168.3.116 and it could connect to the web and ping 192.168.3.1, I could not ping the original subnet of 192.168.1.0 or any host in it, incuding pfsense. Then I tried doing the same to my desktop, and still could not ping between the subnets. Am I doing something retarded?

    EDIT: Oh add virtual ip to 192.168.3.0/24 for ip alias, i can now ping from pfsense, but I cannot ping from my desktop. Any ideas?


  • Netgate Administrator

    No route in place.

    So you added an extra gateway? I think we need a diagram.

    Steve



  • http://forum.pfsense.org/index.php/topic,32760.0/all.html

    That thread has my wacky 2 way WAN, not sure if relevant.

    I will make a nice image when I get home (This one here is overly simplified, I have more switches and stuff, but that should not be relevant)

    WAN, OPT1
    | |
    | |
    | |
    Pfsense(192.168.1.1, DHCP on)
    |
    |
    |
    Wireless Access point(192.168.1.245)–--------------Switch–-(**Linksys router(**192.168.3.1, DHCP disabled)–-WAN)
    |
    |
    Wired Computers n stuff


  • Netgate Administrator

    Hmmm,
    You have a strange network setup.  ???
    In order to route packets between subnets you need a router, like pfsense. Your switch is not a router and will not route between subnets.
    Your computers, both wireless and wired, are receiving their ip address via pfsense dhcp where they are also told the gateway address and dns address. When you try to ping 192.168.3.x the only place it can send those packets is at the gateway but pfsense doesn't know about your linksys device unless you have added a static route. Even then you will probably have trouble because the pfsense box would have to send packets back out of the same interface they came in on and that can be problematic.

    As it is you have two subnets existing on the same network section. That's OK. Anything that you set manually to be 192.168.3.x will use the linksys and it's wan.

    To get routing working connect the linksys to OPT1.

    Steve



  • @stephenw10:

    Hmmm,
    You have a strange network setup.  ???
    In order to route packets between subnets you need a router, like pfsense. Your switch is not a router and will not route between subnets.
    Your computers, both wireless and wired, are receiving their ip address via pfsense dhcp where they are also told the gateway address and dns address. When you try to ping 192.168.3.x the only place it can send those packets is at the gateway but pfsense doesn't know about your linksys device unless you have added a static route. Even then you will probably have trouble because the pfsense box would have to send packets back out of the same interface they came in on and that can be problematic.

    As it is you have two subnets existing on the same network section. That's OK. Anything that you set manually to be 192.168.3.x will use the linksys and it's wan.

    To get routing working connect the linksys to OPT1.

    Steve

    Hmm I C, though, howcome when I add virtual IPs I can ping from pfsense though?  Also I don't really want to put the modem into pfsense, as I don't have a spare PCI slot on it, and I don't really want to spend cash on a pci 1x one… Also would be kinda neat if say my pfsense box blew up, I could still go online by just switching my ip to 192.168.3.x



  • So is this question solved? I am just wondering if there is another way, not that it's super vital or anything, but would be pretty neato.


  • Netgate Administrator

    If you connect your linksys router to OPT1 then you can configure pfSense to use both WAN connections for load balancing or failover. I would have thought you would want to use both if you are paying for them.
    Rename OPT1 as WAN2 for simplicity. Leave DHCP on in the Linksys and have pfSense get it's IP for WAN2 that way. Traffic going via WAN2 will be double NATed but that usually works fine just make sure they're using different subnets and you have unchecked 'block private networks' in pfSense.
    This way if your pfSense box expires (why would it?) you only have to move one cable, from pfSense LAN into the Linksys, to get back on line. You don't even have to reconfigure anything.

    Steve


Log in to reply