4. Subnet communication

Subnet communication

  • O

    Hope this is the right section for this. I am having issues with hosts on 2 subnets communicating with each other. This is a recent setup after a tear down, they were communicating just fine prior to the rebuild.

    LAN (192.168.10.1) -> Host1 (192.168.10.10)

    OPT1 (192.168.30.1) -> Host2 (192.168.30.10)

    Host1 can ping host2 but host2 can't ping host1.

    Firewall does not seem to be blocking any traffic, I've tried adding allow rules to see if that worked.

    I hope I was able to convey my issue.

    0

  • What do your OPT1 and LAN firewall rules look like?

    Gateway correct on the Host 2 computer?

    0
  • O

    OP1 is currently allow any ipv4 and 6
    LAN is currently the default (anti-lockout, ipv4 allow to any rule) I had added a LAN rule for any source from OPT1 but it made no difference.

    Gateway is good on host2 (192.168.30.1), it can ping LAN and outside.

    0
  • B

    You can add an block rule for anything at least  of your ruleset for opt1 and enable log any pakages. Then you can check if ping is blocked by the firewall.

    WHen nothing gets blocked perhaps Host1 has a software firewall enabled?

    0
  • O

    So here is something strange. I can't get a ping out but VSphere (host1) can connect to ESXi (host2).

    Did a LAN rile for allow any - any with logs on. Didn't see any comms from host2 to host1
    Tried shutting down host based firewall, no change

    0
  • O

    Looks like there is a bigger issue. My LAN connection is randomly going down so that I cannot even ping the firewall or SSH in.
    Tried changing the NIC but no change.
    Restarting the router gets me connected for a few minutes then dies. But my OPT1 connection is fine (I'm using it right now). LAN was fine a few days ago and just stopped working today.

    No idea how to proceed.

    UPDATE: Was consoled in and got the following message when the connection dropped:
    watchdog timeout
    msk1: prefetch unit stuck?
    msk: initialization failed: no memory for Rx buffers
    msk1: prefetch unit stuck?
    msk: initialization failed: no memory for Rx buffers

    going to try thishttps://forum.pfsense.org/index.php/topic,57238.0.html

    UPDATE: stephenw10's fix above solved the dropping issue. Now back to the original issue.

    0
  • D

    You're in the same boat I am, I can't find the fix for it either… did you figure it out?

    0
  • M

    @Oats:

    Looks like there is a bigger issue. My LAN connection is randomly going down so that I cannot even ping the firewall or SSH in.
    Tried changing the NIC but no change.
    Restarting the router gets me connected for a few minutes then dies. But my OPT1 connection is fine (I'm using it right now). LAN was fine a few days ago and just stopped working today.

    No idea how to proceed.

    UPDATE: Was consoled in and got the following message when the connection dropped:
    watchdog timeout
    msk1: prefetch unit stuck?
    msk: initialization failed: no memory for Rx buffers
    msk1: prefetch unit stuck?
    msk: initialization failed: no memory for Rx buffers

    going to try thishttps://forum.pfsense.org/index.php/topic,57238.0.html

    UPDATE: stephenw10's fix above solved the dropping issue. Now back to the original issue.

    Could be a personal firewall on one of your clients. I would try temporarily disabling it. If that fixes it just add an exception to allow the traffic.

    0
Log in to reply
 

Products

Services

Support

News

Resources

Company

Our Mission

We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive for past announcements.

© Copyright 2002 - 2019 Rubicon Communications, LLC | Privacy Policy