Layer-3 Switch and PFSense
-
Hello All,
First off, I've looked at other similar threads regarding my setup and I can't find what I'm doing wrong - maybe somebody smarter than I could shed some light.
I have a layer 3 Force10 (Dell) switch with 2 VLANs, one for my data, and one for the connection between the switch and PFSense. VLAN 99 is for the connection to PFSense, and VLAN 10 is for data.
Switch config:
–-
interface vlan 99
ip address 10.1.99.1/24
[A port is untagged with this VLAN and connected to PFSense]interface vlan 10
ip address 10.1.10.1/24
[PCs are on ports untagged with this vlan]ip route 0.0.0.0/0 10.1.99.2
PFSense config:
–-
LAN IP: 10.1.99.2/24
WAN: DHCPGateway added called Internal for LAN interface with IP 10.1.99.1
Static route added for 10.0.0.0/8 to Internal Gateway on LAN interface.My problem is that clients on VLAN 10 cannot ping PFSense (10.1.99.2, on VLAN99). Clients on VLAN 10 can ping the vlan 99 switch interface (10.1.99.1), and can ping other clients/VLANs on the switch so I assume my intervlan routing is working properly. Do I need to change my switch or PFsense config?
It as my assumption that if I add the necessary default route on the switch and the proper static route on PFSense, all should be good -- where have I messed up?
-
The default firewall rule on LAN only allows traffic from within the LAN subnet. So if your traffic has been routed from some other subnet (VLAN 10) then it will be rejected. Alter or add rules to allow this.
Steve
-
The default firewall rule on LAN only allows traffic from within the LAN subnet. So if your traffic has been routed from some other subnet (VLAN 10) then it will be rejected. Alter or add rules to allow this.
Steve
Ugh, how could I have missed something so obvious. Thanks so much for your time – this was my issue!
