Netgate Discussion Forum

Routing problem - Newbee question

22 Posts 3 Posters 6.6k Views
    rumpelstilzchen
    last edited by May 21, 2013, 4:52 PM

    @marvosa:

    pfSense box: WAN 172.16.63.120/16   (static address from our internal office LAN), Gateway 172.16.63.1 (a Fortinet Firewall)
                       LAN  10.0.0.0/8  (the LAN for all the datacenter servers), Gateway 10.0.0.1

    Is this a typo?  I thought this was changed to 10.0.0.0/9?

    Sorry this is a typo, I changed all to 255.128.0.0

    @marvosa:

    So, I'm not sure if you're specifically not answering the question or if I'm not being direct enough when I ask for the subnet mask.  For instance, when you say:

    10.1.0.5     ns1   DNS server running on CentOS 6.4
    10.1.0.6     ns2   DNS server running on CentOS 6.4
    10.2.1.193 - 199  several servers all running CentOS 6.4 working as web-, database- and application servers
    10.2.1.129 - 135  several servers all running Windows 2012 working as AD, RDS and other Windows servers

    You still have not given us the masks for the servers you are trying to reach.   You've given us the mask for the host machine, but not each guest.  Double check the mask on each guest and report back.

    It would also be helpful if you provided a network map, so we can see how things are physically connected.  Also, where are you testing from?

    Your firewall log is interesting.  You shouldn't be getting blocks between 10.1.0.5 and 10.0.2.128 because they are on the same LAN… that traffic should not be hitting the firewall.  Just another reason to double check connections and masks.

    Sorry, I currently don't have a map, I need a tool for that like Nagios. But I haven't installed it yet.

    BUT I THINK YOU GOT IT! At least I found one machine with 255.0.0.0 instead of 255.128.0.0 running CentOS. I changed that and it is answering now on pings!! I have a Windows box set up correctly which does not answer. I will have to check the other machines, check local firewalls on windows and reboot all the boxes and see if it is working. I will give feedback later.  Hopefully one major problem is solved.

    First of all thanks a lot for your help! Coming back soon with the results.

    Rumpi

      rumpelstilzchen
      last edited by May 22, 2013, 8:40 AM

      Hi Guys, seems that the problem is solved. The main problem was to have the tunnel network inside the LAN which does not work. Reducing the LAN network and placing the tunnel network outside was the main fix. All other problems were a result of not having consequently changed all netmasks to the reduced LAN network on my guest operating systems. The two name servers had 255.255.0.0 as netmask, that's why they answered ping requests through the tunnel. The other boxes still had 255.0.0.0. All have now 255.128.0.0 and everything works fine.

      So many thanks again to all who helped me! Great work!

      Rumpi
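
The failure described in this thread, as an added example that is not part of the original posts: it checks whether a tunnel network overlaps the LAN and, per guest netmask, whether a reply to a VPN client is handed to the gateway or treated as on-link. The tunnel network `10.200.0.0/24`, the host labels and the pairing of masks to addresses are assumptions constructed for illustration; the thread does not state the tunnel network.

```python
import ipaddress

LAN_OLD = ipaddress.ip_network("10.0.0.0/255.0.0.0")    # original LAN in the thread
LAN_NEW = ipaddress.ip_network("10.0.0.0/255.128.0.0")  # reduced LAN (10.0.0.0/9)
TUNNEL = ipaddress.ip_network("10.200.0.0/24")          # ASSUMED tunnel network (constructed)

# Constructed inventory: addresses from the thread, labels and mask pairing illustrative.
HOSTS = {
    "ns1": ("10.1.0.5", "255.255.0.0"),
    "centos-guest": ("10.2.1.193", "255.0.0.0"),
    "windows-guest": ("10.2.1.129", "255.128.0.0"),
}


def reply_path(host_ip, mask, peer_ip):
    """Where the host sends a reply: 'on-link' (ARP on the LAN) or 'gateway'."""
    iface = ipaddress.ip_interface(f"{host_ip}/{mask}")
    return "on-link" if ipaddress.ip_address(peer_ip) in iface.network else "gateway"


def audit(hosts, lan, tunnel):
    """Map each host to (reply path toward a tunnel peer, mask matches the LAN)."""
    peer = tunnel[1]  # first address in the tunnel network stands in for a VPN client
    result = {}
    for name, (ip, mask) in hosts.items():
        iface = ipaddress.ip_interface(f"{ip}/{mask}")
        result[name] = (reply_path(ip, mask, str(peer)), iface.network == lan)
    return result


if __name__ == "__main__":
    for label, lan in (("old LAN", LAN_OLD), ("new LAN", LAN_NEW)):
        print(f"{label} {lan} overlaps tunnel {TUNNEL}: {lan.overlaps(TUNNEL)}")
    for name, (path, mask_ok) in audit(HOSTS, LAN_NEW, TUNNEL).items():
        note = "" if mask_ok else "  <- netmask differs from the LAN"
        print(f"{name:14} replies via {path}{note}")
```

A guest reported as `on-link` ARPs for the VPN client on the local segment instead of sending the reply to pfSense, which matches the hosts left on 255.0.0.0 not answering through the tunnel.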

      Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.