pfSense Gold Subscription

Author Topic: Two interfaces have stopped seeing each other  (Read 115 times)

0 Members and 1 Guest are viewing this topic.

Offline kastegir

  • Newbie
  • *
  • Posts: 3
  • Karma: +0/-0
    • View Profile
Two interfaces have stopped seeing each other
« on: January 02, 2018, 11:10:16 am »
I have upgraded to 2.4.2 and now my two internal interfaces no longer communicate.

I have Int1 10.10.1.0
and Int2 10.10.2.0


They used to be able to see each other with no issues.

Now they can't talk to each other at all. When I try and trace route, they appear to be attempting to using the WAN gateway to go out and see each other. Obviously causing an issue.

It worked fine until I did the last upgrade.

Any Suggestions?

Offline Derelict

  • Global Moderator
  • Hero Member
  • *****
  • Posts: 9606
  • Karma: +1090/-309
    • View Profile
Re: Two interfaces have stopped seeing each other
« Reply #1 on: January 02, 2018, 11:41:40 am »
If you have two local interfaces with pass rules and the traffic is going out WAN the traffic is probably being matched by a policy routing rule (a rule with a gateway/gateway group set.)

https://doc.pfsense.org/index.php/Bypassing_Policy_Routing
Las Vegas, Nevada, USA
Use this diagram to describe your issue.
The pfSense Book is now available for just $24.70!
Do Not PM For Help! NO_WAN_EGRESSTM

Offline kastegir

  • Newbie
  • *
  • Posts: 3
  • Karma: +0/-0
    • View Profile
Re: Two interfaces have stopped seeing each other
« Reply #2 on: January 02, 2018, 12:08:18 pm »
I don't wee where I change that. Is something new in 2.4.2? because it literally stopped working right after the upgrade.


Offline kastegir

  • Newbie
  • *
  • Posts: 3
  • Karma: +0/-0
    • View Profile
Re: Two interfaces have stopped seeing each other
« Reply #3 on: January 02, 2018, 12:12:16 pm »
Never mind that fixed it!

Thanks!

Offline Derelict

  • Global Moderator
  • Hero Member
  • *****
  • Posts: 9606
  • Karma: +1090/-309
    • View Profile
Re: Two interfaces have stopped seeing each other
« Reply #4 on: January 02, 2018, 12:13:30 pm »
No. It is not new.

There is something called "negate routes" that attempts to automatically bypass policy routing for certain networks.

It can miss things in certain cases so it might have been automatically negated before and is not now.

Glad you found it.
Las Vegas, Nevada, USA
Use this diagram to describe your issue.
The pfSense Book is now available for just $24.70!
Do Not PM For Help! NO_WAN_EGRESSTM