pfSense box: WAN 172.16.63.120/16 (static address from our internal office LAN), Gateway 172.16.63.1 (a Fortinet Firewall)
LAN 10.0.0.0/8 (the LAN for all the datacenter servers), Gateway 10.0.0.1
Is this a typo? I thought this was changed to 10.0.0.0/9?
So, I'm not sure if you're specifically not answering the question or if I'm not being direct enough when I ask for the subnet mask. For instance, when you say:
10.1.0.5 ns1 DNS server running on CentOS 6.4
10.1.0.6 ns2 DNS server running on CentOS 6.4
10.2.1.193 - 199 several servers all running CentOS 6.4 working as web-, database- and application servers
10.2.1.129 - 135 several servers all running Windows 2012 working as AD, RDS and other Windows servers
You still have not given us the masks for the servers you are trying to reach. You've given us the mask for the host machine, but not each guest. Double check the mask on each guest and report back.
It would also be helpful if you provided a network map, so we can see how things are physically connected. Also, where are you testing from?
Your firewall log is interesting. You shouldn't be getting blocks between 10.1.0.5 and 10.0.2.128 because they are on the same LAN... that traffic should not be hitting the firewall. Just another reason to double check connections and masks.
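The mask check requested above can be sketched as follows. This is an added example, not part of the original post: it shows how a guest's configured mask decides whether traffic to a peer stays on the LAN or is handed to the gateway at 10.0.0.1. The guest masks were never reported in the thread, so the prefix lengths here are assumptions, and `next_hop` and `audit` are hypothetical helper names.

```python
import ipaddress

GATEWAY = "10.0.0.1"  # LAN gateway as given in the thread

# Guest masks are NOT known from the thread; these prefix lengths are
# assumed purely to illustrate a mismatch.
ASSUMED_MASKS = {"10.1.0.5": 8, "10.0.2.128": 16}


def next_hop(host_ip, prefix_len, dst_ip, gateway=GATEWAY):
    """Return how a host with this address and mask delivers a packet to dst_ip."""
    network = ipaddress.ip_interface(f"{host_ip}/{prefix_len}").network
    if ipaddress.ip_address(dst_ip) in network:
        return "on-link"              # resolved via ARP, the firewall never sees it
    if ipaddress.ip_address(gateway) in network:
        return "via-gateway"          # sent to the firewall's LAN interface
    return "gateway-unreachable"      # the mask excludes the gateway as well


def audit(hosts, gateway=GATEWAY):
    """hosts maps ip -> prefix_len; list (src, dst, decision) for every
    pair that is not delivered directly on the LAN."""
    findings = []
    for src, prefix_len in hosts.items():
        for dst in hosts:
            if dst == src:
                continue
            decision = next_hop(src, prefix_len, dst, gateway)
            if decision != "on-link":
                findings.append((src, dst, decision))
    return findings


if __name__ == "__main__":
    # Compare candidate masks for one guest against the peer from the log.
    for prefix_len in (8, 9, 16, 24):
        print(f"10.0.2.128/{prefix_len} -> 10.1.0.5:",
              next_hop("10.0.2.128", prefix_len, "10.1.0.5"))
    for finding in audit(ASSUMED_MASKS):
        print("not on-link:", finding)
```

With either /8 or /9 on both guests, the two hosts reach each other directly. A narrower mask on one guest is enough to send that guest's side of the conversation to the firewall.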