On Mon, Aug 31, 2009 at 12:27 PM, Richard Amerman<[email protected]> wrote: > I'm having a routing issue with a new double pfSense setup I have > configured. > Here is a diagram of the setup: > http://tinyurl.com/mqko87 > Both of the firewalls are pfSense 1.2.3-RC1 from the live-CD > They each have 4 interfaces. > Everything is working fine except for the following. > I have two related issues at this time: > 1. I can not ping from IP Phone Vancouver (192.168.20.0/24) to Skyport > (172.16.48.0/24). > I have a test PC (172.16.48.10) located at a switch connected to the LAN > interface of the Skyport pfSense box. > When I do a traceroute it just times out. > IP Phone Vancouver can talk just fine to the local bridged segment > of 172.16.48.1.0/24 just not the remote one (Vancouver). > I know, the bridged part is silly but I have not choice, it is already > here and can not be changed, at lest not now. > > 2. I can not ping from Skyport (172.16.48.1.0/24) to IP Phone > (192.168.20.0/24). > When I do a traceroute it heads out the wan interface and eventually > times out. > I have a static route setup on the pfsfwsky firewall for 192.168.20.0/24 > with gateway of 192.168.20.1 > There is no route listed for 192.168.20.0/24 in the 'Routing tables' in > the gui Diagnostics > Routes page. > So it appears that the traffic is ignoring the static route, or the > static route is not taking. >
The route is wrong, you have to use an IP the firewall has on a directly attached interface. You can't tell it to go to 192.168.20.x to reach 192.168.20.x. --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected] Commercial support available - https://portal.pfsense.org
