
problems communicating between two LANs

Greetings all-

This is my first post, but I have been using XG for 2+ years.

I am trying to extend my system to provide better security for a few devices that I want to isolate better.  I was thinking to do that, I would create a second LAN (192.168.2.X) and allow very limited access to my primary LAN (192.168.1.X).  Both have subnet masks of 255.255.255.0.

LAN1 is on NIC1 and labeled as zone LAN1.  It hosts my current existing network (computers, game systems, servers etc)

LAN2 is on NIC2 and labeled as zone LAN2.  I have moved one computer over to test communications from that computer (192.169.2.100) to the server on LAN1.

Both have DHCP running but the IPs are static for current devices.

I have set up a firewall rule from source: LAN1 and LAN2 with ANY devices to destination: LAN1 and LAN2 with any device.  MASQ is off.

 

When I try to map the network drive on LAN1 from the computer on LAN2, I can see the firewall rule being accepted and the traffic is routed.  The server tries to respond but is sending its packet to 192.168.1.255, then the firewall rules block the traffic as "Appliance Access".  The same happens when I try to ping the server.  I can see a response going to the broadcast IP on 192.168.1.255 rather than to 192.168.2.100.

 

I have been searching the other questions and cannot tell where I am wrong.  Do I need an additional gateway (currently only have one for the WAN)?  I have seen some people add static routes but don't see how that changes this.  Any help would be greatly appreciated.  I can attach images of whatever is needed.  

 

Regards--



This thread was automatically locked due to age.
  • Hi K,

    who is the default gateway for both computers?

    Can you share zones, interfaces and firewall rules?

    Thanks

  • I can add images of the setup when I get home tonight.

    Both computers had the port as the gateway (192.168.1.1 for LAN1 and 192.168.2.1 for LAN2) but the XG only has the default gateway for the WAN.  I was wondering if the problem was related to this but don't have experience with anything more complicated than a 1 LAN and 1 WAN system before.

    I wanted to add that LAN to WAN works for both as it should.  The only problem is between the LANs.  I have tried Windows SMB, HTTPS and pings to be sure it wasn't a problem with a specific port or protocol.

    Thanks
