Static route problem

nnicanor

I trying instructions from this forums since 2.0 beta versions and i can't solve the problem, i have configured static routes to use with Erp applications, internal mail server, ftp transfer and voip between office localized in different sites of my country, all works fine and connected through service provider with data channels, and working fine with pfsense 1.2.2, my principal site have internet connection and i share with all sites.

I have pfsense 2.0.1 in principal site, network 192.168.0.0/24 pfsense box is 192.168.0.2 and static route is 192.168.0.1 to connect all sites.

In secondary site i have pfsense 2.0.1 network 192.168.5.0/24 pfsense box is 192.168.5.3 and static route is 192.168.5.1 to principal and other sites, traffic to principal site stop (FTP,SMP,http) no all times but fails.

In third site i have pfsense 1.2.2 network 192.168.9.0/24 pfsense box 192.168.9.1 static route is 192.168.9.3 to connect to principal and other sites, all work fine, i install pfsense 2.0.1 and get same result as secondary site.

if i install pfsense 1.2.2 in secondary site all static routes work fine with all sites, problem is present in 2.0.1 with upload traffics with principal site.

if i remove pfsense boxes all work fine, i test with monowall and other firewall linux based and fisical routes and works fine

i posted in forums this issues, i used all instruction forums but problems persist, 2.0 is very good.

how i can monitor to find problem, i am sure that is a bug i have testing since first beta version.

Regards

Nicanor Martinez

jimp

I moved this to a new thread since the previous thread you hijacked was already answered and your issue may not be related.

Please review the following link again and make sure your interface rules take this into account if you are defining gateways on firewall rules (for static route networks, you must pass -without a gateway set on the firewall rule- so the traffic follows the system routing table.

http://doc.pfsense.org/index.php/Multi-WAN_2.0#Policy_Route_Negation

jimp

I deleted your identical post from another thread you hijacked. Please keep discussion of one problem in one thread, and do not hijack existing unrelated threads.

nnicanor

Thanks,

But i use this setting and problem persist.

i am going to send images of my configuration to find the problem.

Regards

Nicanor

nnicanor

Please review my configurations images:

nnicanor

jimp

Please re-read my earlier post, especially the part in bold.

nnicanor

About ?

without a gateway set on the firewall rule

I was used without a gateway before i changed according Policy Route Negation instruction.

Regards,

Nicanor

jimp

Your rules passing to that gateway have the gateway set on the firewall rule, exactly what it says not to do. You do not set gateways on firewall rules for static routes.

That is for multi-wan gateway selection, not static routes.

nnicanor

Ok understood,

But i used before without gateway set on rules and same problem, i have multiwan configured and also static routes in secondary site,  i have same scenery in 1.2.2 and no problem, what is wrong ?

Regards

Nicanor

jimp

1.2.x didn't show static route gateways in the firewall rule options.

I'm not sure what you had setup there but it wasn't doing what you thought it was.

nnicanor

I resume…

Principal site is not multiwan and have static routes pfsense 2.X ...

Secondary site is multiwan and have static routes pfsense 2.x

third site not multiwan only one LAN for 2 years and no problems, since 3 month i added multiwan an multilan same box same version with no changes and no traffic problems.

I think multiwan an multilan configurations affects rules for static routes ?

have any tool to monitor rules traffic for specific ip through static routes to find cause of block or transmission stop ?

Thanks for your help

Regards

Nicanor Martinez

nnicanor

Jimpp

Comercial support can analize and solve my problems ?

Regards

Nicanor Martinez

nnicanor

Hello,

I recreating small environment with virtual box one pfsense acts as router and  second pfsense acts as firewall and windows xp virtual machine inside inet, configuring static route and after testing i found same issue when uploading data through static routes.

nnicanor

Explanation.

Pfsense is router LAN is 192.168.1.0/24 route to 192.168.0.0/24 Lan ip is 192.168.1.1  wan ip is 192.168.0.114 all traffic to deferents subnets pass i disabled packer filtering  on pfsense and configure and static route to principal firewall to reach secondary network

Pfsense1 is firewall  wan is a public ip and LAN is local ip on inet network 192.168.1.2

When i try to upload a file via ftp traffic stop from network 192.168.1.0/24 to 192.168.0.0/24

if you want to test i can upload all virtual environment to one server.

Regards

Nicanor