Netgate Discussion Forum

    Problem after routing another network from pfSense

    Routing and Multi WAN
    • josemaX

      Hello all,

      I have a problem that is driving me crazy.

      I have a pfSense box (pfSense 1) managing my internet connection, and I needed to add a subnet that is isolated from my LAN (from the new subnet to my LAN), so I installed a new pfSense box. I didn't connect it to the existing box because I need high bandwidth between the 2 nets, and I purchased a small server (Xeon E31220 @ 3.10GHz) to accomplish this.

      This box (pfSense 2) is connected to my LAN (by the LAN interface), and the servers in the other subnet are connected to its WAN.

      I created a gateway entry in pfSense 1 to the new subnet (172.16.10.0/27) and a static rule to it via 172.16.1.157, which is the pfSense 2 LAN interface.

      What I want to do is some kind of DMZ.

      The problem is that connecting from the original LAN to the new sublan (the one on the pfSense 2 WAN interface) is generally very slow. I say generally because one computer in my LAN works well (I get about 1Gbit/sec), but most of the other computers only get 60Kbit/s.

      (All of this is what I picture for you in schematic A.)

      So then I moved the server from the new sublan to my main LAN, and it works fine with all computers.

      It gives me slow throughput, for example when copying a file by SCP (it gives me a STALLED error) and when running iperf (if it helps, in UDP mode it triggers the error "read failed: Connection refused").

      I've tried the "Bypass firewall rules for traffic on the same interface" option and even disabled "Disable all packet filtering" (just to try).

      Can you help me?

      TIA,

      Best,

      **** SCHEMATIC A **** Traffic from a PC in the Switch LAN to Server A slow

      172.16.10.10/27  .10.1/27  1.157/21            172.16.0.1/21
      [Server A]-------[pfSense 2]-------[Switch]-------[pfSense 1]-------{ISP}
                      (WAN)    (LAN)          |          (LAN)    (WAN)
                                              |
                                    [PCs & other devices]

      • pfSense 1:
        Gateway to 172.16.10.0/27 via 172.16.1.157

      **** SCHEMATIC B **** Traffic from a PC in the LAN to Server A (also in the LAN) right

      172.16.0.77/21              172.16.0.1/21
      [Server A]--------[Switch]-------[pfSense 1]-------{ISP}
                            |          (LAN)    (WAN)
                            |
                    [PCs & other devices]

      Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.