Screen OS

Hi All,

As per shown in picture I got a bit problem, whenever I set pfsense default gateway to 172.16.25.4 I can ping from pfsense straight to juniper e/02, can go all the way to the LAN 2 also can ping to LAN 1. But when I set pfsense default gateway to my public gateway (ex:121.122.121.122) I can only ping to my ssg20 e0/1 and go to LAN 1 and no longer can go to e0/2 or LAN 2. Is there any wrong routing on my configuration? As I added routing destination on ssg20 172.16.25.0/27 and 172.16.30.0/26 to e0/1 both go to 172.16.25.1 and default routing created.

Hi,

Please check the routes on the pfsense to the 172.16.30.0/26 subnet. If no routes to the subnet then try adding one static route to the 172.16.30.0/26 via default gateway 172.16.25.4.

When you set default gateway as 172.16.25.4 the pfsend sends all the packets to the 172.16.25.4 however when you change the default gateway to 121.122.121.122 then pfsense would be sending all the packets to the your public gateway. To handle you internal LAN2 network you need to add static route on the pfsense.

Thanks,

Vikas

Thanks Mr VIkassingh for you reply. From your guide now I able to ping from both end. from this configuration am i suppose to be able get internet access to juniper or not? since now I cannot access the internet from juniper. I attached my routing table for juniper.

Hi,

The routing table looks good. The firewall is configured to send internet traffic to the PFsense as per the default route configuration.

Are you able to reach the 192.168.25.x network from the firewall?

Are the LAN1 and LAN2 segments able to reach the internet?

Does PF sense have a NAT configuration in place, to NAT all outgoing traffic to the public IP?

Hi Gokul,

Yes Im able to connect to LAN1 and LAN2 .. both able to access the internet.

I just setup auto configure for NAT on PFsense

regard,

Hazly