I'm having difficulty adding a static route that points to another router on
the WAN subnet. I think I just found the problem, in /tmp/rules.debug:
pass out route-to ( lagg0_vlan2 184.70.48.185 ) from 184.70.48.187 to !184.70.48.184/29 keep state allow-opts label "let out anything from firewall host itself"
Where .185 is my upstream, and .187 is the pfSense firewall I'm trying to
originate traffic through. The other router's northbound interface lives at
.188 in the same subnet.
If I'm not mistaken, this is the rule that prevents me from reaching the remote
subnet via 184.70.48.188. Unfortunately, this is a system-generated rule.
Suggestions?
(I'm sure the routing table is correct, since "pfctl -d" makes routing work
correctly from pfSense and it breaks immediately again with "pfctl -e".)
I can add another VLAN as a point-to-point interface between pfSense and the
other router, but that just seems stupid when I already have a segment & subnet
that connects the two.
-Adam Thompson
[email protected]
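
Added example, not part of the original post: a small Python model of how a pf route-to rule shaped like the one quoted above takes precedence over the routing table for traffic sourced from the firewall itself. The routing table, the remote subnet 10.20.30.0/24 and the function names are constructed for illustration, and only this single rule is modeled.

```python
import ipaddress
import re

# Rule as quoted in the post from /tmp/rules.debug, joined onto one line.
RULE = ('pass out route-to ( lagg0_vlan2 184.70.48.185 ) from 184.70.48.187 '
        'to !184.70.48.184/29 keep state allow-opts '
        'label "let out anything from firewall host itself"')

# Constructed routing table: 10.20.30.0/24 is a made-up remote subnet behind .188.
ROUTES = [("184.70.48.184/29", "on-link"),
          ("10.20.30.0/24", "184.70.48.188"),
          ("0.0.0.0/0", "184.70.48.185")]

RULE_RE = re.compile(r'pass out route-to \(\s*(?P<ifname>\S+)\s+(?P<gw>\S+)\s*\)\s+'
                     r'from (?P<src>\S+) to (?P<neg>!?)(?P<dst>\S+)')

def parse_route_to(rule):
    """Pull interface, forced gateway, source and (possibly negated) destination."""
    m = RULE_RE.match(rule)
    if not m:
        raise ValueError("not a 'pass out route-to' rule of the expected shape")
    return {"ifname": m["ifname"], "gw": m["gw"],
            "src": ipaddress.ip_network(m["src"]),
            "dst": ipaddress.ip_network(m["dst"]),
            "negate_dst": m["neg"] == "!"}

def table_next_hop(dst, routes=ROUTES):
    """Longest-prefix match against the routing table."""
    addr = ipaddress.ip_address(dst)
    hits = [(ipaddress.ip_network(n), gw) for n, gw in routes
            if addr in ipaddress.ip_network(n)]
    return max(hits, key=lambda h: h[0].prefixlen)[1] if hits else None

def effective_next_hop(src, dst, pf_enabled=True, rule=RULE, routes=ROUTES):
    """Next hop actually used: route-to wins over the table when the rule matches."""
    r = parse_route_to(rule)
    dst_ok = (ipaddress.ip_address(dst) in r["dst"]) != r["negate_dst"]
    if pf_enabled and ipaddress.ip_address(src) in r["src"] and dst_ok:
        return r["gw"], "route-to"
    return table_next_hop(dst, routes), "routing table"

if __name__ == "__main__":
    for pf in (True, False):   # models "pfctl -e" vs "pfctl -d"
        print(pf, effective_next_hop("184.70.48.187", "10.20.30.5", pf_enabled=pf))
```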