[SOLVED]Multi-lan via route

pochkaev · Aug 16, 2011, 4:06 PM

tracert is going right:
from 10.100.101.20 :
1. 10.100.101.1
2. 10.121.101.1
3. 10.121.101.2
4. 10.121.101.21
The same on the other way. In System log I see that ICMP traffic is passing by rule any to any. But RDP or other traffic is blocked by "Default rule"

Metu69salemi · Aug 16, 2011, 6:21 PM

What version you have? i mean snapshots

pochkaev · Aug 16, 2011, 6:29 PM

I'm sorry, but I don't understand what snapshots mean (((
version of PFsense 2.0 RC3

Nachtfalke · Aug 16, 2011, 6:43 PM

Are you sure the problem with RDP isn't the firewall on the server ?

The actual Version (snaptshot) of pfsense is displayed on the main page (dashboard) after you have logged in to the pfsense web GUI.

pochkaev · Aug 16, 2011, 6:53 PM

2.0-RC3 (i386)
built on Tue Jun 21 16:50:25 EDT 2011
Update available. Click Here to view update.

RDP begin woking if I add route on the server121 (10.100.101.0/24 gw 10.121.101.1) without pfsense.

P.S/ Why do I see block rule log.
I know some guys have the same problem in Kerio version 7.0 and higher, and in TMG 2010, BUT no such problems in kerio 6.0 and isa 2006

Nachtfalke · Aug 16, 2011, 7:02 PM

@pochkaev:

2.0-RC3 (i386)
built on Tue Jun 21 16:50:25 EDT 2011
Update available. Click Here to view update.

RDP begin woking if I add route on the server121 (10.100.101.0/24 gw 10.121.101.1) without pfsense.

P.S/ Why do I see block rule log.
I know some guys have the same problem in Kerio version 7.0 and higher, and in TMG 2010, BUT no such problems in kerio 6.0 and isa 2006

No I see.
in you scenario pfsense is NOT a router ist just configured as a bridge, right ?
the the gateway for pfsense and for als clients on subnet 10.121.101.0/24 is 10.121.101.1

pochkaev · Aug 16, 2011, 7:07 PM

@Nachtfalke:

@pochkaev:

2.0-RC3 (i386)
built on Tue Jun 21 16:50:25 EDT 2011
Update available. Click Here to view update.

RDP begin woking if I add route on the server121 (10.100.101.0/24 gw 10.121.101.1) without pfsense.

P.S/ Why do I see block rule log.
I know some guys have the same problem in Kerio version 7.0 and higher, and in TMG 2010, BUT no such problems in kerio 6.0 and isa 2006

No I see.
in you scenario pfsense is NOT a router ist just configured as a bridge, right ?
the the gateway for pfsense and for als clients on subnet 10.121.101.0/24 is 10.121.101.1

Yes…
P.S. NAT is manual only for WAN interface

jason0 · Aug 16, 2011, 9:52 PM

Hello,

Do you have the "block rfc1918 networks" checked on any of the interface configurations? That will block incoming connections from 10., 172.16.0.0-172.31..*, and 192.168.0.0-192.168.255.255.

–jason

pochkaev · Aug 17, 2011, 5:51 AM

block rfc1918 networks" doesn't checked on any intefrace((((

pochkaev · Aug 17, 2011, 8:22 AM

I think that thr topic may be closed. the problem was in router 10.121.101.1 (dlink 2500)? it doesn't work correct with routes with /24 mask. It works only with /32 mask

Nachtfalke · Aug 17, 2011, 8:56 AM

As far as I know you can close the topic on your own.
Please put an [SOLVED] in front of your topic of the first post so that everybody knows that you found a solution.