Problem after routing another network from pfSense
-
Hello all,
I've a problem that is driving me crazy : ???
I have a pfSense box (pfSense 1) managing my internet conection and i needed to add a subnet that is isolated from my LAN (from the new subnet to my LAN) so i installed a new pfSense box. I didn't connected it to the existing box because i need high bandwith between the 2 nets and i purchased a small server (Xeon E31220 @ 3.10GHz) to accomplish this.
This box (pfSense 2) is connected to my lan (by the LAN interface) and in the WAN are connected the servers in the other subnet.
I created a gateway entry in pfSense 1 to the new subnet (172.16.10.0/27) and a static rule to it via 172.16.1.157 that is the pfSense 2 LAN interface.
What i want to do is somekind of DMZ.
The problem is that connecting from original LAN to new sublan (the one in the WAN pfSense 2 interface) is generally very slow. I say generally because one computer in my LAN works well (i get about 1Gbit/sec), but most of other computers only gets 60Kbit/s.
(All this is what i picture you in schema A)
So then, i moved the server from the new sublan to my main LAN, and it works fine with all computers.
It gives me slow throughput by example by SCP a file (it gives me an STALLED error) and by run iperf (if helps, in UDP mode, it triggers an errir "read failed: Connection refused")
I've tried the "Bypass firewall rules for traffic on the same interface" and even disabled "Disable all packet filtering" (just for trying)
Can you help me?
TIA,
Best,
**** SCHEMATIC A **** Traffic from a PC in the Switch LAN to Server A slow
172.16.10.10/27 .10.1/27 1.157/21 172.16.0.1/21
[Server A]–------[pfSense 2]–------[Switch]–------[pfSense 1]–------{ISP}
(WAN) (LAN) | (LAN) (WAN)
|
[PCs & other devices]- pfSense 1:
Gateway to 172.16.10.0/27 via 172.16.1.157
**** SCHEMATIC B **** Traffic from a PC in the LAN to Server A (also in the LAN) rigth
172.16.0.77/21 172.16.0.1/21
[Server A]–-------[Switch]–------[pfSense 1]–------{ISP}
| (LAN) (WAN)
|
[PCs & other devices] - pfSense 1: