On 2013-09-19 00:14, Adam Thompson wrote:
I'm having difficulty adding a static route that points to another router on
the WAN subnet. I think I just found the problem, in /tmp/rules.debug:
    pass out route-to ( lagg0_vlan2 184.70.48.185 ) from 184.70.48.187 to !184.70.48.184/29 keep state allow-opts label "let out anything from firewall host itself"
Where .185 is my upstream, and .187 is the pfSense firewall I'm trying to
originate traffic through. The other router's northbound interface lives at
.188 in the same subnet.
If I'm not mistaken, this is the rule that prevents me from reaching the remote
subnet via 184.70.48.188. Unfortunately, this is a system-generated rule.
Suggestions?
(I'm sure the routing table is correct, since "pfctl -d" makes routing work correctly
from pfSense and it breaks immediately again with "pfctl -e".)
I can add another VLAN as a point-to-point interface between pfSense and the other
router, but that just seems stupid when I already have a segment & subnet that
connects the two.
Ping.
Anyone have any ideas how to make this work without setting up another
interface? Is this a bug I should be opening a ticket on?
--
-Adam Thompson
Cell: +1 204 291-7950
Fax: +1 204 489-6515
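
Added example, not part of the original message: a Python model of the quoted route-to rule, comparing the next hop chosen by the routing table alone ("pfctl -d") with the next hop once the rule matches ("pfctl -e"). It evaluates only this one rule; the remote subnet 192.0.2.0/24 and the default route via .185 are assumptions, since the message does not give them.

```python
import ipaddress
import re

# Rule as quoted in the message (a single line in /tmp/rules.debug).
RULE = ('pass out route-to ( lagg0_vlan2 184.70.48.185 ) from 184.70.48.187 '
        'to !184.70.48.184/29 keep state allow-opts '
        'label "let out anything from firewall host itself"')

# Constructed routing table: 192.0.2.0/24 is a placeholder remote subnet and
# the default route via .185 is assumed. A None hop means directly connected.
ROUTES = [
    (ipaddress.ip_network("0.0.0.0/0"), ipaddress.ip_address("184.70.48.185")),
    (ipaddress.ip_network("184.70.48.184/29"), None),
    (ipaddress.ip_network("192.0.2.0/24"), ipaddress.ip_address("184.70.48.188")),
]

RULE_RE = re.compile(
    r"pass out route-to \(\s*(?P<iface>\S+)\s+(?P<gw>\S+)\s*\)\s+"
    r"from\s+(?P<src>\S+)\s+to\s+(?P<neg>!?)(?P<dst>\S+)")


def parse_route_to(rule):
    """Pull the gateway and the from/to match criteria out of the rule."""
    m = RULE_RE.match(rule)
    if m is None:
        raise ValueError("not a 'pass out route-to' rule of the expected form")
    return {"gateway": ipaddress.ip_address(m["gw"]),
            "src": ipaddress.ip_network(m["src"]),
            "dst": ipaddress.ip_network(m["dst"]),
            "dst_negated": m["neg"] == "!"}


def table_lookup(routes, dst):
    """Longest-prefix match over the routing table."""
    net, hop = max(((n, h) for n, h in routes if dst in n),
                   key=lambda r: r[0].prefixlen)
    return dst if hop is None else hop


def effective_next_hop(rule, routes, src, dst):
    """Next hop for a firewall-originated packet with pf disabled and enabled."""
    src, dst = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    by_table = table_lookup(routes, dst)
    r = parse_route_to(rule)
    # route-to overrides the routing table for every packet the rule matches.
    matches = src in r["src"] and (dst in r["dst"]) != r["dst_negated"]
    return {"pf_disabled": str(by_table),
            "pf_enabled": str(r["gateway"] if matches else by_table)}
```

A destination inside 184.70.48.184/29, such as .188 itself, is excluded by the negated "to" clause and keeps its routing-table next hop; any destination outside the /29 matches and is sent to .185.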