Pf sense not ping switches

Pf sense not ping switches

Pf sense not ping switches
Pf sense not ping switches
Monday
Model: TL-SG3428   TL-SX3008F  
Hardware Version: V2
Firmware Version: 1.20.0 Build 20231011 Rel.42220

Hello all,

 

I can't figure it out why I can't ping my switches form my router and from any other client PC (except PC 5 it is in the same sub-net)

 

My main goal is to ping my switches from PC3,6,1, ... The router should handle the connection as it does for every othe clinet that wants to connect form anothe sub-net

 

The VLAN works fine because I can connect to everything form one client to another even to the internet form all client

 

Thank you for your help 

 

 

 

 

 

 

 

 

  0      
  0      
#1
Options
9 Reply
Re:Pf sense not ping switches
Tuesday - last edited Tuesday

Hi @xHAWAKx 

Thanks for posting in our business forum.

What's the PVID on #23?

What does the routing table look like?

What would be the gateway IP address?

Can you ping another device from the switch but not be able to ping back to the switch?

Best Regards! If you are new to the forum, please read: Howto - A Guide to Use Forum Effectively. Read Before You Post. Look for a model? Search your model NOW Official and Beta firmware. NEW features! Subscribe for the latest update!Download Beta Here☚ ☛ ★ Configuration Guide ★ ☚ ☛ ★ Knowledge Base ★ ☚ ☛ ★ Troubleshooting ★ ☚ ● Be kind and nice. ● Stay on the topic. ● Post details. ● Search first. ● Please don't take it for granted. ● No email confidentiality should be violated. ● S/N, MAC, and your true public IP should be mosaiced.
  1  
  1  
#2
Options
Re:Pf sense not ping switches
Tuesday

Hello  @Clive_A,

 

  • PVID for port 23 is set as 1

 

 

 

 

  • Routing table in the switch is set up as in picture below 

 

 

  • The gateway IP is 10.99.10.1

 

  • From the switch I can only ping the other switch (10.99.10.20) I can't even ping PC 5

 

 

Any other client from the switch go in timeout.

 

 

The only client that can ping the switches is PC 5

 

 

I commited some mistakes in the net-diagram please check the new diagram below (I apologise for this)

 

 

 

Basically I only able to connect to GUI of the swtich because of the interface n.3 with the IP 10.99.10.6 (this is a work around and I do not want it like that)

 

 

Thank you in advance for your help

 

  0  
  0  
#3
Options
Re:Pf sense not ping switches
Wednesday - last edited Wednesday

Hi @xHAWAKx 

Thanks for posting in our business forum.

xHAWAKx wrote

Hello  @Clive_A,

 

  • PVID for port 23 is set as 1

 

 

 

 

 

  • Routing table in the switch is set up as in picture below 

 

 

 

  • The gateway IP is 10.99.10.1

 

  • From the switch I can only ping the other switch (10.99.10.20) I can't even ping PC 5

 

 

 

 

Any other client from the switch go in timeout.

 

 

 

The only client that can ping the switches is PC 5

 

 

I commited some mistakes in the net-diagram please check the new diagram below (I apologise for this)

 

 

 

 

Basically I only able to connect to GUI of the swtich because of the interface n.3 with the IP 10.99.10.6 (this is a work around and I do not want it like that)

 

 

Thank you in advance for your help

 

Add a routing.

0.0.0.0, next hop 10.99.10.10. If this helps.

 

10.99.10.6 is not pingable but 10.5 is, that's a firewall issue on the computer.

Dual NICs mean you have two pages for network firewalls.

I am not worried about this PC as 10.5 is pingable.

Best Regards! If you are new to the forum, please read: Howto - A Guide to Use Forum Effectively. Read Before You Post. Look for a model? Search your model NOW Official and Beta firmware. NEW features! Subscribe for the latest update!Download Beta Here☚ ☛ ★ Configuration Guide ★ ☚ ☛ ★ Knowledge Base ★ ☚ ☛ ★ Troubleshooting ★ ☚ ● Be kind and nice. ● Stay on the topic. ● Post details. ● Search first. ● Please don't take it for granted. ● No email confidentiality should be violated. ● S/N, MAC, and your true public IP should be mosaiced.
  0  
  0  
#4
Options
Re:Pf sense not ping switches
Wednesday

 Hi @Clive_A,

Clive_A wrote

Hi @xHAWAKx 

Thanks for posting in our business forum.

xHAWAKx wrote

Hello  @Clive_A,

 

  • PVID for port 23 is set as 1

 

 

 

 

 

  • Routing table in the switch is set up as in picture below 

 

 

 

  • The gateway IP is 10.99.10.1

 

  • From the switch I can only ping the other switch (10.99.10.20) I can't even ping PC 5

 

 

 

 

Any other client from the switch go in timeout.

 

 

 

The only client that can ping the switches is PC 5

 

 

I commited some mistakes in the net-diagram please check the new diagram below (I apologise for this)

 

 

 

 

Basically I only able to connect to GUI of the swtich because of the interface n.3 with the IP 10.99.10.6 (this is a work around and I do not want it like that)

 

 

Thank you in advance for your help

 

Add a routing.

0.0.0.0, next hop 10.99.10.10. If this helps.

 

10.99.10.6 is not pingable but 10.5 is, that's a firewall issue on the computer.

Dual NICs mean you have two pages for network firewalls.

I am not worried about this PC as 10.5 is pingable.

 

as request I set-up a static routing, but this is still not working as you can see in the images below.

 

I also disable (for the sake of this test) the firewall in PC 5 and now I can ping 10.99.10.6 from the switch.

 

I also re-cecked the firewall rule in pf-sense and I can confirm to you that there is only an "allow-all" rule set

 

Do you have any other suggestion for me? Is my request clear?

 

Thank you

 

 

 

 

 

 

 

  0  
  0  
#5
Options
Re:Pf sense not ping switches
Thursday

Hi @xHAWAKx 

Thanks for posting in our business forum.

xHAWAKx wrote

 Hi @Clive_A,

Clive_A wrote

Hi @xHAWAKx 

Thanks for posting in our business forum.

xHAWAKx wrote

Hello  @Clive_A,

 

  • PVID for port 23 is set as 1

 

 

 

 

 

  • Routing table in the switch is set up as in picture below 

 

 

 

  • The gateway IP is 10.99.10.1

 

  • From the switch I can only ping the other switch (10.99.10.20) I can't even ping PC 5

 

 

 

 

Any other client from the switch go in timeout.

 

 

 

The only client that can ping the switches is PC 5

 

 

I commited some mistakes in the net-diagram please check the new diagram below (I apologise for this)

 

 

 

 

Basically I only able to connect to GUI of the swtich because of the interface n.3 with the IP 10.99.10.6 (this is a work around and I do not want it like that)

 

 

Thank you in advance for your help

 

Add a routing.

0.0.0.0, next hop 10.99.10.10. If this helps.

 

10.99.10.6 is not pingable but 10.5 is, that's a firewall issue on the computer.

Dual NICs mean you have two pages for network firewalls.

I am not worried about this PC as 10.5 is pingable.

 

as request I set-up a static routing, but this is still not working as you can see in the images below.

 

I also disable (for the sake of this test) the firewall in PC 5 and now I can ping 10.99.10.6 from the switch.

 

I also re-cecked the firewall rule in pf-sense and I can confirm to you that there is only an "allow-all" rule set

 

Do you have any other suggestion for me? Is my request clear?

 

Thank you

What if it routes to the router IP? I recall that either way would work as the switch is connected to the router. It'd work with either way.

Best Regards! If you are new to the forum, please read: Howto - A Guide to Use Forum Effectively. Read Before You Post. Look for a model? Search your model NOW Official and Beta firmware. NEW features! Subscribe for the latest update!Download Beta Here☚ ☛ ★ Configuration Guide ★ ☚ ☛ ★ Knowledge Base ★ ☚ ☛ ★ Troubleshooting ★ ☚ ● Be kind and nice. ● Stay on the topic. ● Post details. ● Search first. ● Please don't take it for granted. ● No email confidentiality should be violated. ● S/N, MAC, and your true public IP should be mosaiced.
  0  
  0  
#6
Options
Re:Pf sense not ping switches
Thursday

Hi @Clive_A,

 

Clive_A wrote

Hi @xHAWAKx 

Thanks for posting in our business forum.

xHAWAKx wrote

 Hi @Clive_A,

Clive_A wrote

Hi @xHAWAKx 

Thanks for posting in our business forum.

xHAWAKx wrote

Hello  @Clive_A,

 

  • PVID for port 23 is set as 1

 

 

 

 

 

  • Routing table in the switch is set up as in picture below 

 

 

 

  • The gateway IP is 10.99.10.1

 

  • From the switch I can only ping the other switch (10.99.10.20) I can't even ping PC 5

 

 

 

 

Any other client from the switch go in timeout.

 

 

 

The only client that can ping the switches is PC 5

 

 

I commited some mistakes in the net-diagram please check the new diagram below (I apologise for this)

 

 

 

 

Basically I only able to connect to GUI of the swtich because of the interface n.3 with the IP 10.99.10.6 (this is a work around and I do not want it like that)

 

 

Thank you in advance for your help

 

Add a routing.

0.0.0.0, next hop 10.99.10.10. If this helps.

 

10.99.10.6 is not pingable but 10.5 is, that's a firewall issue on the computer.

Dual NICs mean you have two pages for network firewalls.

I am not worried about this PC as 10.5 is pingable.

 

as request I set-up a static routing, but this is still not working as you can see in the images below.

 

I also disable (for the sake of this test) the firewall in PC 5 and now I can ping 10.99.10.6 from the switch.

 

I also re-cecked the firewall rule in pf-sense and I can confirm to you that there is only an "allow-all" rule set

 

Do you have any other suggestion for me? Is my request clear?

 

Thank you

What if it routes to the router IP? I recall that either way would work as the switch is connected to the router. It'd work with either way.

 

This evening I will try to set UP a static route:

 

0.0.0.0/24 Next Hop 10.99.10.1

Should I delete the other one?

 

Is it possible that since port 23 has PVID 1 and is untagged is unable to cominunicate to pfSense since VLAN 1 is not defined? 

 

Thanks

 

 

  0  
  0  
#7
Options
Re:Pf sense not ping switches
Yesterday

Hello,

I just make a test and still it does not works

 

Any other idea?

 

Thanks

  0  
  0  
#8
Options
Re:Pf sense not ping switches
Yesterday - last edited Yesterday

Hi @xHAWAKx 

Thanks for posting in our business forum.

xHAWAKx wrote

Hello,

I just make a test and still it does not works

 

Any other idea?

 

Thanks

Then I don't know what is wrong with it.

 I don't know about the pfsense and if you virtualize it on your computer, you should consult with the pfsense support on how to properly bridge it to the network.

With the pre-built routers, I have not seen a problem like this. VLAN 1 should be untagged and the rest of them should be tagged.

 

Is it possible to provide a tracert and routing table on the pfsense?

I reviewed the history I think you should ping the 10.99.100.1 instead of PCs IP. PC got firewall I don't think that result is accurate. Will the switch ping the default gateway?

 

There is also a problem with the ARP. I think something wrong with your pfsense ARP discovery.

If possible, try to add a static ARP to router and the switch. The static ARP should be the MAC address of the other.

Best Regards! If you are new to the forum, please read: Howto - A Guide to Use Forum Effectively. Read Before You Post. Look for a model? Search your model NOW Official and Beta firmware. NEW features! Subscribe for the latest update!Download Beta Here☚ ☛ ★ Configuration Guide ★ ☚ ☛ ★ Knowledge Base ★ ☚ ☛ ★ Troubleshooting ★ ☚ ● Be kind and nice. ● Stay on the topic. ● Post details. ● Search first. ● Please don't take it for granted. ● No email confidentiality should be violated. ● S/N, MAC, and your true public IP should be mosaiced.
  0  
  0  
#9
Options
Re:Pf sense not ping switches
Yesterday

Good morning @Clive_A,

 

Clive_A wrote

Hi @xHAWAKx 

Thanks for posting in our business forum.

xHAWAKx wrote

Hello,

I just make a test and still it does not works

 

Any other idea?

 

Thanks

Then I don't know what is wrong with it.

 I don't know about the pfsense and if you virtualize it on your computer, you should consult with the pfsense support on how to properly bridge it to the network.

With the pre-built routers, I have not seen a problem like this. VLAN 1 should be untagged and the rest of them should be tagged.

 

Is it possible to provide a tracert and routing table on the pfsense?

I reviewed the history I think you should ping the 10.99.100.1 instead of PCs IP. PC got firewall I don't think that result is accurate. Will the switch ping the default gateway?

 

There is also a problem with the ARP. I think something wrong with your pfsense ARP discovery.

If possible, try to add a static ARP to router and the switch. The static ARP should be the MAC address of the other.

 

 

My instance of pf-sense (CE) is running bare metal no virtualization here.

The VLANs are configured as you mention.

Why do you belive there is a problem related to my pf-sense ARP discovery? In the arp-table of my pf-sense instance I can find every single client connected to the network except for the 2 switches.

 

I'll try to set-up a static route inside pf-sense as you request

 

In the gateway point of view the infrastructure is set-up in this way inside of pf-sense. 

 

  • LAN 10.0.10.0/24 (physical interface igb0) gateway 10.0.10.1
  • Management 10.99.10.0/24 (VLAN99) gateway 10.99.10.1
  • Server 10.0.10.0/24 (VLAN10) gateway 10.0.10.1
  • End Devices 10.0.100.0/24 (VLAN30) gateway 10.0.100.1
  • Storage 10.0.20.0/24 (VLAN20) gateway 10.0.20.1

 

This evening, I think I can do a trace route from pf-sense to the switch and also from pf-sense to any other client I can also provide the route table pf-sense side.

 

Also in the weekend I can put everything in the same net (no VLANs configured) in this way I must be able to ping the router from the switch, since this is a pain in the a** I'll prefer to no do it.

 

Thank you again you are very patient!

  0  
  0  
#10
Options