Can't get pfSense to route packets in/out my network (FW and NAT disabled) VLANs
-
Hi guys,
I am trying to achieve something very simple. Let's say I have 200.44.0.1/24 from my ISP and I also have 199.0.0.10/30. My ISP router is 199.0.0.9 and my "WAN" IP is 199.0.0.10.
I need pfSense to be just a man in the middle but act as "ip forwarding" and VLANs - why? My backend switch does not support advanced L3 features such as routing. Therefore pfSense is what I am trying to implement.
WAN
– ISP 199.0.0.9
-- pfSense 199.0.0.10
switch (Dell PowerConnect 5448) - VLAN tagging enabled
- VLAN 10 - Public IP 200.44.0.129 /29 - under pf vlan gateway IP 200.44.0.129
- VLAN 20 - Public IP 200.44.0.136 /29 - under pf vlan gateway IP 200.44.0.137
- VLAN 30 - Public IP 200.44.0.144 /29 - under pf vlan gateway IP 200.44.0.145
pfsense Default gateway 199.0.0.9
-- Packet filtering DISABLED
-- NAT set to "manual outbound"
What works?
- I can ping gateway IPs from hosts, VLAN tagging works on the switch level like a charm.
- I can ping pfsense from hosts within VLAN
What does not work?
- I can't ping the "next hop" router (ISP) 199.0.0.9 (keep in mind packet filtering is disabled)
- From the internet I cannot ping my public IPs on the VLANs I created on pf
- Hosts don't seem to get external internet access, like pfsense is not doing ip-forwarding ??
Any help is appreciated. Yes, under gateway in pf I see 199.0.0.9 as pingable and up.
-
Your ISP is not routing the IP properly. Please check with them. I asked this in your other ticket, but, if you can ping WAN IP but not WAN GW IP, then the ISP is the problem as they are not routing correctly. Perhaps they are sending your /24 to .9 instead of .10 or something like that.
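Added example, not part of the thread: a small return-path check that models the point made in the reply above. With NAT off, the ISP router answers to the original 200.44.0.x source, so the reply only comes back if the ISP routes that prefix to 199.0.0.10. The three ISP routing tables and the VLAN host addresses are constructed assumptions; the thread does not show the ISP's real table.

```python
import ipaddress

PFSENSE_WAN = "199.0.0.10"   # from the post
ISP_ROUTER = "199.0.0.9"     # from the post
# Constructed sample sources: pfSense itself plus one host per VLAN subnet.
SOURCES = ["199.0.0.10", "200.44.0.130", "200.44.0.138", "200.44.0.146"]


def lookup(table, dst):
    """Longest-prefix match; returns the next hop string, or None if no route."""
    addr = ipaddress.ip_address(dst)
    best = None
    for prefix, hop in table:
        net = ipaddress.ip_network(prefix)
        if addr in net and (best is None or net.prefixlen > best[0].prefixlen):
            best = (net, hop)
    return best[1] if best else None


def reply_delivered(isp_table, src):
    """Would a reply from the ISP router to `src` get back through pfSense?

    A source on the connected /30 is reachable only if it is pfSense's own
    WAN address; any other source must be routed via pfSense's WAN address.
    """
    hop = lookup(isp_table, src)
    if hop == "connected":
        return src == PFSENSE_WAN
    return hop == PFSENSE_WAN


def audit(isp_table):
    """Map each sample source address to whether its replies come back."""
    return {src: reply_delivered(isp_table, src) for src in SOURCES}


# Hypothetical ISP routing tables (assumptions, not taken from the thread).
ROUTED_TO_PFSENSE = [("199.0.0.8/30", "connected"), ("200.44.0.0/24", PFSENSE_WAN)]
ROUTED_TO_SELF = [("199.0.0.8/30", "connected"), ("200.44.0.0/24", ISP_ROUTER)]
NO_ROUTE = [("199.0.0.8/30", "connected")]

if __name__ == "__main__":
    for name, tbl in [("/24 via .10", ROUTED_TO_PFSENSE),
                      ("/24 via .9", ROUTED_TO_SELF),
                      ("no /24 route", NO_ROUTE)]:
        print(name, audit(tbl))
```

In the two broken tables pfSense's own WAN address still gets replies while every VLAN host fails, which matches the symptom of the gateway showing as up in pfSense while hosts cannot reach 199.0.0.9.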