No communications between Interfaces using 1:1 NAT
rickpo12 last edited by
Here is my setup:
WAN = 192.168.1.1 (this actually has a public IP assigned to it)
VLAN100 = [GW] = 10.100.100.1
VLAN200 = [GW] = 10.200.200.1
192.168.1.30 -> 10.100.100.30
192.168.1.45 -> 10.200.200.45
IP = 10.100.100.30/24
GW = 10.100.100.1
IP = 10.200.200.45/24
GW = 10.200.200.1
1. If I log into CentOS #1 and login to a remote server via ssh I have no problem. If I attempt to log into CentOS #2 via ssh I cannot connect. There are no firewalls (IPTABLES) running on either server at this point.
2. From another remote computer, meaning on that is not behind the pfSEnse firewall, I can ssh into either CentOS #1 or #2 without issues.
3. The issue comes when I attempt to communicate between two servers that are both behind the pfSense firewall AND are on different interfaces/networks.
NOTE: I do have the default setting for the WAN interface of "Block private networks". When I unchecked this option is caused my pfSense FW to crash. Because this is a production FW I quickly enabled that option after the FW rebooted after the crash.
My question to this group is do you believe the issue that I am having with communication between servers on different interfaces/networks is being caused by this "Block private networks" option being enabled? If so, does anyone know of a way to disable this without it causing the pfSense FW to crash?
Thank you all for your import.
Do you have FW rules, on both pfSense interfaces, allowing traffic between those network segments ?
rickpo12 last edited by
ptt - Good question and one that I should have provided. For testing purposes I have opened up all traffic into VLAN100 and VLAN200 from the WAN, and I have also opened all traffic out from both VLAN100 and VLAN200. As I mentioned, from a remote computer that is not behind the firewall I can connect to either CentOS #1 or #2 without issues. The issue only arises when trying to go from VLAN100 to a server on VLAN200 or vis-versa. One additional note: If I attempt to ssh from CentOS #1 to CentOS #2, I do receive a login prompt, but entering the correct user and passwork fail. My assumption is that I am somehow being connected to the pfSense FW and not the CentOS #2 server. Not sure why, but I am sure it has to do with the current setup and the issues that I am having.
Thank you again in advance for your help.