Second VLAN as subnet
-
Greetings -
I'm doing a test with pfsense but I'm having a little issue with routing or firewall.
Scenario:
Network Layout
2 WAN + 1 LAN + 1 VLAN(second subnet)IP WAN1: 1.1.1.1
IP WAN2: 2.2.2.2IP LAN: 10.10.10.1/24
IP VLAN : 192.168.80.1/24
-
Workstations behind LAN can ping 192.168.80.1 pfsense IP on VLAN
-
Workstations behind VLAN can ping 10.10.10.1 pfsense IP LAN
-
Workstations behind VLAN can ping any workstation on the LAN
I opened firewall to allow all protocols on VLAN
Here's the issue i'm having. Workstations on LAN cannot ping any workstations or devices on VLAN subnet
What am I missing?
Thanks in advance
-
-
Did you have a similar "allow any" on the LAN firewall too?
I have explicitly set up a rule that says "any from LAN net to LAN2 net" and the opposite on the other LAN. In your case it would be the VLAN.
Try creating an explicitly net to net rule on the LAN and VLAN to see if that works.
-
You are probably telling LAN to send traffic to your VLAN out your Multi-WAN group.
https://doc.pfsense.org/index.php/What_is_policy_routing
https://doc.pfsense.org/index.php/Bypassing_Policy_Routing
