4. General Question: Routing between subnets

General Question: Routing between subnets

  • W

    Hi people,
    I ran into a problem and I am not sure if I have a general misunderstanding of routing. I think most of you can answer my question without thinking too much. MAybe I am too tired by now or maybe I am too confused. But I can't let go of this.

    I tried to add a OPT-inteface for wifi only. But first I could not reach that network. My LAN is 192.168.168.0/28 and I put the OPT-interface on 192.168.168.192/28. No ping, no http to w-lan-router, no nothing. As soon as I changed the opt-interface to 192.168.169.192/28 it worked. I continued and put this problem in the background.

    Could it be, that a routing between those subnets .168.0/28 and .168.192/28 is not possible? If so: What am I missing? Or is it more likely that I made some other mistake?

    I thought that the subnetbitmask would make it clear, that one subnet is from 192.168.168.1 to .15 and the other from 192.168.168.193 to .206 and routing between those should work directly… hmpf :-)

    Sorry for this boring stuff...

    Thanks a lot and kind regards,
    Sascha

    0
  • N

    In general this should work.

    Fo example I have

    WAN –- pfsense --- VLAN10 (172.17.0.0/22)
                          --- VLAN20 (172.17.60.0/22)

    this is working without problems and without doing anything on pfsense - no routing entries and so on. Just Firewall rules. Did you set firewall rules for both interfaces - LAN and OPT1 to allow traffic ?

    I am using pfsense as "routing only" plattform - so there is not NAT between the subnets.

    0
  • W

    Hi, thanks!

    Is it important, that you used a VLAN? Or is it just the way it is but doesn't matter in this context?

    I set some fw-rules. LAN->WIFI, but the AP-device only. And from WIFI->!LAN but everything else. The later worked :-) But I could not reach the AP-device from LAN … not even when I set the rule to any/any/any ....

    I guess I'll takte a new try today... a bit fitter, fresher and optimistic, thanks to your reply.

    Kind regards,
    Sascha

    0
  • N

    It's not important if you use VLANs oder physical LANs.

    But when you try to reach a device on any other subnet then you must make sure that the AP and the hosts do have a gateway in their config.

    So what you should try first:

    On the LAN interface set an "any to any" rule and on the WiFi LAN set an "any to any" rule, too.
    Then try to access the device and do your tests. If it isn't working then pfsense is probably not the problem but any other configuration on the hosts, APs and so on.

    0
  • W

    Okay… so today it works like it should.
    I don't know what went wrong before I opened this thread - I guess that day simply was too long  ;)

    Thanks for your kind support and detailed replys!

    Kind regards,
    Sascha

    0
Log in to reply
 

Products

Services

Support

News

Resources

Company

Our Mission

We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive for past announcements.

© 2020 Rubicon Communications, LLC | Privacy Policy