Routing error
-
Hey everyone!
I've made a mistake somewhere I think. Might as well admit it. I don't know where though, so I'm hoping for your help. I've tried a "complicated" setup and failed. I thought it would be easy, knowing what I know, and having the mighty google at hand, but no.
See this config: http://falloutdata.se/config.xml
I have:
1 pfsense 3 port appliance (from applianceshop)What I tried to do is create:
1 WAN
1 LAN + 1 OPT1 with LAG LCAP (LAGG0) which required configure it from the WAN interface and erase the default LAN (greedy, wanted both speed and failover)
4 additional VLAN interfaces (using LAGG0) where 2 have DHCP's; 172.16.1.0/24, 172.16.2.0/24, 172.16.3.0/24 and 172.17.0.0/16
1 external ip to be used by the firewall
4 external virtual ip's that's 1:1 NAT'ed (where 2 used thus far)
Port forward from WAN "default" ip incoming to certain hosts on the 172.16.1.x network
1:1 NAT to certain subnets
Rules to allow certain ports to certain subnets in the 1:1 NAT
Firewall rules to "allow all" traffic outgoing at the bottom (if all else fails)Well if I forgot anything it's in the config. I thought long and hard about this, and I wouldn't ask your help if I really didn't need it :/
I suspect I've done one thing wrong; 1:1 NAT'ed the 172.16.1.0 net where I shouldn't have. It'll probably route the traffic wrong, but the Skidata network doesn't work either and that I can't explain. What I did to save the situation was to rebuild the pfsense without LAGG and only the necessary (for the moment) VLAN's, which worked fine. This config I'm referring to is the one I want but can't use. Hope someone can shed a light on what I did wrong.
Thank you!
-
Oh snap… I'm on the 2.1.0 firmware. Sorry.