Routing Problem.



  • Good afternoon staff,

    I have an internal routing problem here.
    I have 4 NICs: 2 WAN and 2 LAN.
    The 2 networks typically browse the internet, but one cannot reach the other.
    I have created the rule on the 2 LAN interfaces allowing access from the 2 networks normally, but when I run a traceroute from my machine it cannot get from one network to the other.

    The two networks can reach pfSense without problem.

    Thank you!



  • Both LANs can get to the internet? But they cannot contact each other?

    ---> create a firewall rule on LAN1: ALLOW PROTO:any SRC: lan1-subnet  DST: lan2-subnet
    ---> create a firewall rule on LAN2: ALLOW PROTO:any SRC: lan2-subnet  DST: lan1-subnet

    Put both rules on TOP of the rule list to start. (You can experiment with lowering them afterwards.)



  • Thanks for the reply.

    It's working now.
    I created these 2 rules and 2 more rules.

    ---> create a firewall rule on LAN1: ALLOW PROTO:any SRC: lan1-subnet  DST: lan2-subnet
    ---> create a firewall rule on LAN1: ALLOW PROTO:any SRC: lan2-subnet  DST: lan1-subnet
    ---> create a firewall rule on LAN2: ALLOW PROTO:any SRC: lan2-subnet  DST: lan1-subnet
    ---> create a firewall rule on LAN2: ALLOW PROTO:any SRC: lan1-subnet  DST: lan2-subnet

    Thanks for the help!!!  ;)


  • LAYER 8 Netgate

    Rules 2 and 4 are never fired.  In general, pfSense rules apply to traffic coming IN (received by) an interface.  Unless you've got a very, very strange config, LAN1 will never see traffic coming into it with a LAN2-subnet source address.  Nor will LAN2 ever see traffic coming into it from a LAN1-subnet source address.

    They won't hurt anything but they're unnecessary and add clutter to the ruleset.
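
The point in the last reply, that rules are evaluated on the interface where traffic is received, can be checked mechanically. The sketch below is an added example, not part of the thread and not pfSense code: it models the four posted rules and reports which ones can never match. The subnet addresses are constructed, since the thread never gives them, and the model assumes each LAN interface only receives traffic sourced from its own attached subnet.

```python
import ipaddress

# Constructed addressing: the thread never states the real subnets.
SUBNETS = {
    "LAN1": ipaddress.ip_network("192.168.1.0/24"),
    "LAN2": ipaddress.ip_network("192.168.2.0/24"),
}

# The four ALLOW rules in the order posted: (interface, source, destination).
RULES = [
    ("LAN1", "LAN1", "LAN2"),
    ("LAN1", "LAN2", "LAN1"),
    ("LAN2", "LAN2", "LAN1"),
    ("LAN2", "LAN1", "LAN2"),
]


def ingress_interface(src_ip):
    """Interface a packet is received on, assuming hosts sit only on their own subnet."""
    addr = ipaddress.ip_address(src_ip)
    for name, net in SUBNETS.items():
        if addr in net:
            return name
    return None


def first_match(src_ip, dst_ip, rules=RULES):
    """1-based number of the first rule matching the packet on its ingress interface."""
    src, dst = ipaddress.ip_address(src_ip), ipaddress.ip_address(dst_ip)
    iface = ingress_interface(src_ip)
    for number, (rule_if, rule_src, rule_dst) in enumerate(rules, start=1):
        if rule_if == iface and src in SUBNETS[rule_src] and dst in SUBNETS[rule_dst]:
            return number
    return None  # no rule in this list matched


def dead_rules(rules=RULES):
    """Rules whose source subnet is not the one attached to their interface."""
    return [
        number
        for number, (rule_if, rule_src, _dst) in enumerate(rules, start=1)
        if not SUBNETS[rule_src].overlaps(SUBNETS[rule_if])
    ]


if __name__ == "__main__":
    print("LAN1 host -> LAN2 host matches rule", first_match("192.168.1.10", "192.168.2.20"))
    print("LAN2 host -> LAN1 host matches rule", first_match("192.168.2.20", "192.168.1.10"))
    print("rules that can never match:", dead_rules())
```

A rule flagged here is safe to delete under the stated assumption; if a routed network behind one LAN sources traffic from other ranges, add those ranges to the model before trusting the result.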

