Single WAN, Dual LAN/Subnets **SOLVED**
-
This may be a silly question, but I'm new to subnetting. I have a pfsense box with a single DSL WAN connection coming into one NIC, another NIC feeding an ethernet LAN, and a 802.11g card serving a WLAN. Here's a graphical representation of the physical and logical structure:
              |----------------------------------|----------Enet Lan 192.168.10.0/26 255.255.255.192
DSL WAN-------|           pfSense Box            |
              |----------------------------------|----------Wifi Lan 192.168.10.65/26 255.255.255.192
Everything works perfectly, except the nodes on the wlan segment cannot ping or access nodes on the enet segment and vice versa. The two nodes on the enet lan can talk to each other and the internet, and the nodes on the wifi lan can talk to each other and the internet.
It seems to me there needs to be a route added between the two /26s, however I'm not sure how or where to do this on pfSense.
-
Do you have firewall rules on both interfaces that allow traffic to the other subnet?
I don't think you have a routing problem. If you had, you couldn't access the Internet from at least one of the subnets.
-
I have rules on both interfaces explicitly allowing all traffic with a source OR a destination in either subnet.
-
Could you post screenshots of your rules?
-
Sure, here we go..
-
What do you have for the IP and mask on LAN and WLAN interfaces?
-
It's at the top but I'll repost it:
Lan IP is 192.168.10.1 mask of 255.255.255.192
WLan IP is 192.168.10.65 mask of 255.255.255.192
-
I should also add that pinging from the 192.168.10.64/26 subnet to the 192.168.10.0/26 subnet only times out; however, pinging from the 192.168.10.0/26 subnet to the 192.168.10.64/26 subnet results in a destination unreachable reply from the default gateway (192.168.10.1). The pfSense box can ping/traceroute to both subnets just fine, and both subnets have access to the internet with no problems. Everything about the network works perfectly except that the two subnets cannot talk to each other.
-
Rebooting fixed it. I put a packet sniffer on the 192.168.10.0/26 subnet and saw that the pings from 192.168.10.64/26 were being received, but that the gateway for 192.168.10.20 (192.168.10.1, the LAN interface) was reporting the host on the other subnet was unreachable. After rebooting, traffic between both subnets is passing fine. Thanks for the help guys!
-
btw: You can delete on both interfaces all the rules except the first.
See my signature why ;)
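-
An added example, not part of the original thread: a Python check of the addressing plan posted above, showing that the two /26 networks do not overlap, which firewall interfaces traffic between them crosses, and how a host decides between on-link delivery and its gateway. The WLAN host 192.168.10.70 and the /24 host mask are constructed values for illustration.

```python
import ipaddress

# Interface addresses and masks as posted in the thread.
INTERFACES = {
    "LAN": ipaddress.ip_interface("192.168.10.1/255.255.255.192"),
    "WLAN": ipaddress.ip_interface("192.168.10.65/255.255.255.192"),
}

def overlapping(interfaces):
    """Return pairs of interface names whose connected networks overlap."""
    names = sorted(interfaces)
    return [(a, b) for i, a in enumerate(names) for b in names[i + 1:]
            if interfaces[a].network.overlaps(interfaces[b].network)]

def segment_of(addr, interfaces):
    """Name of the firewall interface whose connected network holds addr."""
    ip = ipaddress.ip_address(addr)
    for name, iface in interfaces.items():
        if ip in iface.network:
            return name
    return None

def crossing(src, dst, interfaces):
    """(ingress, egress) firewall interfaces, or None if both share a segment."""
    a, b = segment_of(src, interfaces), segment_of(dst, interfaces)
    return None if a == b else (a, b)

def host_next_hop(host, mask, gateway, dst):
    """What a host does with a packet for dst: deliver on-link or use the gateway."""
    local = ipaddress.ip_interface(f"{host}/{mask}").network
    if ipaddress.ip_address(dst) in local:
        return "on-link"
    return f"via {gateway}"

if __name__ == "__main__":
    lan_host, wlan_host = "192.168.10.20", "192.168.10.70"  # .70 is constructed
    print("overlaps:", overlapping(INTERFACES))
    print("firewall path:", crossing(lan_host, wlan_host, INTERFACES))
    # Correct /26 mask: the LAN host hands the packet to its gateway.
    print(host_next_hop(lan_host, "255.255.255.192", "192.168.10.1", wlan_host))
    # Constructed mistake: a /24 mask makes the host ARP for the peer directly,
    # so the packet never reaches the firewall and no rule is ever evaluated.
    print(host_next_hop(lan_host, "255.255.255.0", "192.168.10.1", wlan_host))
```

Traffic that `crossing` reports as LAN to WLAN is evaluated by the rules on the LAN tab, since pfSense filters on the interface where a packet enters.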