It should work (Routing to a different Net)

mark99

Hello,

I am trying to route to a different Net, but somehow something is missing.
I need to access the 10.112.116.220 server.
Ping to the 192.168.33.1  the 192.168.33.3 is fine.

Here is my Netplan

LAN 192.168.11.0 /24 –------(192.168.11.110 pfSense 192.168.33.116)------- WAN 192.168.33.0/24
                                                                                                                        |
                                                                                                                        |
                                                                                                                        default GW 192.168.33.1 (router) ----- ISP
                                                                                                                        |
                                                                                                                        |
                                                                                                                        GW 192.168.33.3 router ------ VPN------ 10.112.116.0/24
                                                                                                                                                                                      |
                                                                                                                                                                                      server 10.112.116.220
The default traffic goes trough the default GW.

The following static route I created under System -> Routing: 10.112.116.0/24 with the 192.168.33.3 as GW.

I thought this is enough. When I traceroute 10.112.116.220 the dafault GW appears as the first hop.

 1  (192.168.33.1)  0.518 ms  0.405 ms  0.925 ms
 2  * * *

Shouldn't the 192.168.33.3 GW apear as the first hop?

Markus

johnpoz

what do your lan rules look like..  if you want a lan device to get to this other gateway on your wan, you have to allow it to use that gateway.

Where are you tracing from? Pfsense?

mark99

Yes, I am tracing from pfSense.

As GWs I have the default GW 192.168.33.1
and the GW 192.168.33.2 which I want to youse the net 10.112.116.0/24.

As a route I have:
network 10.112.116.0/24 with the GW 192.168.33.3 over the pfSense WAN interface 192.168.33.116

My thoughts are:

• The 10.112.116.220 doensn't know the way back to my LAN.

• But shouldn't tracing show the following hops:
    - 192.168.33.116 (pfSense WAN Adress)
    - 192.168.33.3 (Router to the 10.112.116.0/24 network which I am able to ping)
      instead of the 192.168.33.1 the IP of the default GW

Markus

johnpoz

Why would your trace show your pfsense wan IP???

Where are you lan rules???

A trace always shows the hops as you hit them… So from your lan would be 192.168.11.110, then 192.168.33.3

As to 116.220 yes it would need to know how to get back.. But that would have nothing to do with your trace showing you what the 2nd hop is..

mark99

I am tracing from pfsense.

What do you mean with LAN Rules?
I test often with the FW turned off.

So when I trace the 10.112.220 the GW 192.168.33.3 should apear as the first hop.

Is my route wrong?

In System -> routing I:

• Configured my two GWs on the WAN Interface and the 192.168.33.1 is the default one.
• then I clicked on the "Routes" tab and configured the route: 10.112.116/0./24      GW: my second GW      interface: my WAN interface

is there anything else to be done?

Markus