Virtual IP route issue?
I am using pfSense 2.2.5
My LAN subnet is 192.168.1.0/24. I have added a virtual IP to the LAN interface of 10.10.10.1 with mask of /24. The WAN interface is 192.168.99.0/24 (test) and there is no NAT set up between the 10.10.10.* range and WAN. I have a rule to allow all ICMP from any source/destination. Host in 10.10.10.* range has gateway of 10.10.10.1 which is the Virtual IP added to the LAN interface.
Currently, I am unable to ping from a host in the 10.10.10.* subnet to a host in 192.168.99.* - am I missing some obvious reason why this won't work?
If I look at the firewall log I can see ICMP traffic allowed from the 10.10.10.* host, but the ping has no reply.
Thanks in advance for any advice
What type of VIP are you using? Some must be in the same subnet as the interface that's assuming them.
I'm using the IP Alias type - hosts are in the 10.10.10.0/24 and the virtual IP is 10.10.10.1
Is that what you mean?
Yes. I'll see if I can find time to simulate this this afternoon.
That's much appreciated - thank you
OK, I Just whipped it up in my ESXi lab. Works fine for me.
Lubutunu box @ 172.16.30.10 can ping other Lubuntu box @ 192.168.20.10.
Maybe something burped and you should delete and recreate that VIP. Also, you might have a rules issue so perhaps post your LAN rules.