Navigation

    Netgate Discussion Forum
    • Register
    • Login
    • Search
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search

    Subnets Acting Erratic

    General pfSense Questions
    2
    3
    2600
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • X
      xtropx last edited by

      More trouble with pfsense.  ::)

      I have my pfsense box with 3 interfaces. A)WAN B)LAN C)DMZ
      I gave LAN 192.168.0.1/26 DHCP ON
      I gave DMZ 192.168.0.65/26  DHCP OFF

      My Win2008 server sits on the .64 network. I initially turned DHCP on on this network. Network connection status showed DEFAULT GATEWAY as the IP of the DMZ interface (192.168.0.65), but I was unable to ping it. ??? However, I COULD ping 192.168.0.1.

      I turned DHCP off on the interface and then the Server was getting an IP range from within the .0/26 network.

      So I changed my firewall rules from * 192.168.0.0/26 * 192.168.0.64/26 * * (allowing everything between the two networks) to just allowing TCP/UDP. I could no longer ping the 192.168.0.1 address, (or the .65).

      Turned DHCP back on, created a reservation for the server, (.70). Now the server is getting that address from the default gateway of 192.168.0.65, but I still can't ping it.
      Can't get outside to ping google or anything either.

      Any insight into this would be invaluable. How can I be getting an IP from DHCP through a gateway that I can't even ping? :o

      Regards,

      xtropx

      1 Reply Last reply Reply Quote 0
      • W
        wallabybob last edited by

        @xtropx:

        I have my pfsense box with 3 interfaces. A)WAN B)LAN C)DMZ
        I gave LAN 192.168.0.1/26 DHCP ON
        I gave DMZ 192.168.0.65/26  DHCP OFF

        My Win2008 server sits on the .64 network. I initially turned DHCP on on this network. Network connection status showed DEFAULT GATEWAY as the IP of the DMZ interface (192.168.0.65), but I was unable to ping it. ??? However, I COULD ping 192.168.0.1.

        It is hard to say without seeing the exact command and response. Perhaps you have a dns "problem".

        @xtropx:

        I turned DHCP off on the interface and then the Server was getting an IP range from within the .0/26 network.

        You have the LAN and DMZ interfaces connected to the same switch?

        @xtropx:

        So I changed my firewall rules from * 192.168.0.0/26 * 192.168.0.64/26 * * (allowing everything between the two networks) to just allowing TCP/UDP. I could no longer ping the 192.168.0.1 address, (or the .65).

        Your changed firewall rules block ping. (ping is a particular kind of icmp, not udp and not tcp.)

        1 Reply Last reply Reply Quote 0
        • X
          xtropx last edited by

          I really screwed it up. I originally was trying to design this network to be able to connect into my ESXi machine to test IPV6 in Windows Server 2008. I wanted a separate network that would stem from the Server 2008 box to hand out IPV6 DHCP, but I also wanted the server to have IPV4 connectivity to offer other services to my IPV4 network. I think maybe I am just in over my head. I included a diagram of how I had things before, which makes it painfully obvious why nothing was working. The right side of the diagram is my attempt at fixing the network to get the functionality I want through VLANs and Router on a Stick (never been able to get pfsense to do VLAN routing) but I quit when concluded that I really didn't know what I was doing. Feel free to take a look if you want. I pick things up pretty quick, maybe you will have a suggestion or help point me in the right direction.

          http://i427.photobucket.com/albums/pp360/xtropx/network.jpg

          Regards,

          xtropx

          1 Reply Last reply Reply Quote 0
          • First post
            Last post