Re: [pfSense] Routing between LAN interfaces

Mon, 08 Sep 2014 06:02:42 -0700 

I have 4 physical interfaces.
My setup looks like this:

Interface     | Network port
------------------------|---------------
WAN  (static ip/30) | em0
LAN (192.168.1.1/24) | em1 (default VLAN, not used)
DMZ (10.0.0.0/24) | VLAN2 on em2
ILO (10.2.0.0/24) | em3
OFFICE (192.168.2.0/24) | VLAN10 on em1

Do you understand now?

Example of the problem:
If I am connected to OFFICE (ip 192.168.2.101) I can't access anything that is 
on ILO or DMZ even though the FW rules allows it

Niklas


From: Giles Coochey <gi...@coochey.net<mailto:gi...@coochey.net>>
Reply-To: pfSense Support and Discussion Mailing List 
<list@lists.pfsense.org<mailto:list@lists.pfsense.org>>
Date: Monday 8 September 2014 14:20
To: pfSense Support and Discussion Mailing List 
<list@lists.pfsense.org<mailto:list@lists.pfsense.org>>
Subject: Re: [pfSense] Routing between LAN interfaces

So, how many actual interfaces do you have, and how many subnets are there?

I am trying to understand what you mean by "VLAN configured"

I have an implementation with 3 different subnets each on their own interface 
and pfsense routes between the subnets when rules allow for it.

On 08/09/2014 13:05, Niklas Fondberg wrote:
Hi all,

I am struggling with routing between the different LAN interfaces I have set up.
I have 3 LAN I/F's where 2 are VLAN configured. I also have a fourth through 
OpenVPN.

I have FW rules for all of the LANs with
PASS
Proto: IPv4*
Source *
Port *
Dest *
Port *
Gateway *
Queue none

I have added logs to the rules but I don't see anything in System 
Logs->Firewall wrt Blocks or Rejects.
I thought pfSense would automatically route traffic between the LANs if the FW 
rules allowed it.

What am I missing?

Niklas



_______________________________________________
List mailing list
List@lists.pfsense.org<mailto:List@lists.pfsense.org>https://lists.pfsense.org/mailman/listinfo/list



--
Regards,

Giles Coochey, CCNP, CCNA, CCNAS
NetSecSpec Ltd
+44 (0) 8444 780677
+44 (0) 7584 634135
http://www.coochey.nethttp://www.netsecspec.co.ukgi...@coochey.net<mailto:gi...@coochey.net>

_______________________________________________
List mailing list
List@lists.pfsense.org
https://lists.pfsense.org/mailman/listinfo/list

Reply via email to