0

I have a little stupid question, but I'm really stuck. We have two pfSense boxes in different locations. In the first location we have the LAN net 10.200.1.0/24 with gateway 10.200.1.1. In the second location we have the LAN net 10.200.40.0/24 with gateway 10.200.40.3.

We always used a static OpenVPN connection and everything worked fine, but recently we got a dedicated channel between the two locations. I'm trying to set up routing like this: static route to 10.200.40.0/24 through GW 10.200.1.1; static route to 10.200.1.0/24 through GW 10.200.40.3.

Okay, it works, but... not well. We have a traceroute like this: from 10.200.1.13 => 10.200.1.1 => 10.200.40.51. It looks good, but the network was unstable, especially with TCP connections. And iperf (for a speed test) shows this:

[ ID] Interval           Transfer     Bandwidth
[  4]   0.00-1.00   sec   256 KBytes  2.09 Mbits/sec
[  4]   1.00-2.00   sec  0.00 Bytes  0.00 bits/sec 
[  4]   2.00-3.00   sec  0.00 Bytes  0.00 bits/sec 
[  4]   3.00-4.00   sec  0.00 Bytes  0.00 bits/sec
etc.

After I added a route on the local computer 10.200.1.30 like:

route add 10.200.40.0 255.255.255.0 10.200.40.3

Everything began to work perfectly; iperf shows this (with the same settings):

[ ID] Interval           Transfer     Bandwidth
[  4]   0.00-1.00   sec  66.5 MBytes   558 Mbits/sec
[  4]   1.00-2.00   sec  68.5 MBytes   574 Mbits/sec
[  4]   2.00-3.00   sec  68.0 MBytes   571 Mbits/sec
[  4]   3.00-4.00   sec  69.6 MBytes   584 Mbits/sec
[  4]   4.00-5.00   sec  46.0 MBytes   386 Mbits/sec
[  4]   5.00-5.24   sec  16.2 MBytes   562 Mbits/sec

And now I'm stuck: how can I push all traffic from 1.0 to the 40.0 subnet through the remote GW, without doing it for each machine? And vice versa, from 40.0 to 1.0 :) I can't add the GW to the LAN interface; I get "The gateway address 10.200.40.3 does not lie within one of the chosen interface's subnets.".

Please help! Thank you in advance!

UPD: Oh, sorry, it's a very simple scheme; I just took over this infrastructure without any docs. If you need more info, please tell me. Thanks!

scheme

Theo Vi
  • It would be helpful if you can edit your question to provide a simple diagram. It's unclear how the two networks are connected. You may need to add a router to route between networks, but without a diagram, we can't say for sure. – Ron Trunk Apr 04 '19 at 12:55
  • Do you happen to have an in-between network for the direct channel? so one side can communicate with the other? – fboaventura Apr 05 '19 at 01:46

2 Answers

1

Finally, I solved the problem by setting parameter 121 in DHCP. Networking and routing between subnets works perfectly.

Thank you all for your attention to my problem!

Theo Vi
0

Short answer: you need a router to route between subnets. If your 3750G has the right software version, you can configure it as the router. Otherwise, you will need additional equipment.

You will also need to configure a routing protocol (OSPF) between the 3750 and your pfsense devices, so that they know about each other.

Ron Trunk
  • Thanks for your answer, Ron! But I am confused by the fact that in the current mode the network is working and the hosts see each other. The problem is ONLY with TCP; UDP works fine. And if I set a route for the second subnet manually on my PC, then all the networks work perfectly, as I said. Simply, if there is no way in the current configuration to register routes on the pfSense boxes, it will be easier for me to distribute routes to the subnet 10.200.40.0/24 via GPO through 10.200.60.3, won't it? Instead of reconfiguring the whole network, one of the locations of which is remote. – Theo Vi Apr 04 '19 at 13:37
  • If it works for you, then that's fine. But you asked how to do it without configuring each machine. – Ron Trunk Apr 04 '19 at 13:47
  • Okay, I got it. Just to finally clarify: I can't add gateway 10.200.40.3 to pfSense and then make a route to the 10.200.40.0 subnet in any way? Bad, if so. Anyway, thank you for the help. P.S. Maybe I will think about reconfiguring the network :) – Theo Vi Apr 04 '19 at 14:17