pfSense | NAT additional subnets

pfSense is the edge internet router in my network.

I have 3 networks configured on a single dot1q interface - each network IP (gateway) is on its own subinterface. This is trunked down to a switch.

One of the subnets, 192.168.40.x/24, has an eve-ng server with hosts on it. This is for network testing and virtualization. The eve-ng server has an address on the 40 subnet.

In my network topology I can connect virtual routers and communicate with the 40 subnet gateway (pfSense), .40.1.

I can even route. Say I have 3 virtual routers, A, B and C, where Router C is connected to the 40 subnet via its management interface. I can assign it .40.10, for example, and ping .40.1 (the pfSense gateway).

RouterA -- subnet 10.1.1.x/24 -- RouterB -- subnet 10.2.2.x/24 -- RouterC -- subnet 192.168.40.x

I configured gateways on pfSense with next hops for 10.1.1.x / 10.2.2.x (static routing). pfSense can ping the internal subnets 10.1.1.x and 10.2.2.x.

The issue is that if I use a virtual desktop (Linux) to try and browse the internet, it does not work. On pfSense I have DNS redirect firewall rules and bind/resolver. I have added subnets 10.1.1.x and 10.2.2.x to outbound NAT and NAT them to WAN_Address. The DNS server on the virtual desktop is pointing to the gateway IP of pfSense, .40.1.

If I place a NAT router in front of the 40 subnet:
RouterA -- subnet 10.1.1.x/24 -- RouterB -- subnet 10.2.2.x/24 -- RouterC -- NAT-Router -- subnet 192.168.40.x
everything works; web browsing has no issue, regardless of DNS settings.

Any thoughts or assistance greatly appreciated.
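One way to reason about this symptom is to walk a packet through the three decisions a pfSense box makes for traffic that enters on a VLAN interface: the interface's firewall rules (first match wins, default deny), the route lookup, and outbound NAT on the egress interface. The model below is an added example written for this thread, not pfSense code and not the poster's configuration; every address, interface name and rule in it is a constructed assumption. It shows why a packet from a routed subnet behind Router C can have a correct static route and a correct outbound NAT entry and still go nowhere: if the VLAN40 interface's pass rule only matches the interface's own subnet ("VLAN40 net"), a source of 10.1.1.x arriving on that interface never reaches the routing step. The same model also checks the return path for a reply arriving on WAN.

```python
"""Constructed model of a pfSense-style forwarding decision.

Pipeline for a packet entering on an interface:
  1. ingress interface rules (first match wins, no match = block)
  2. longest-prefix route lookup (connected, static, default)
  3. outbound NAT on the chosen egress interface (first matching source)
State-table handling (de-NAT of replies) is deliberately omitted.
All names and addresses below are assumptions, not the poster's network.
"""
from dataclasses import dataclass
from ipaddress import ip_address, ip_network
from typing import Dict, List, Optional


@dataclass
class Rule:              # simplified interface firewall rule
    action: str          # "pass" or "block"
    src: str             # CIDR or "any"
    dst: str = "any"


@dataclass
class Route:
    prefix: str
    iface: str
    via: Optional[str] = None   # None = directly connected network


@dataclass
class NatRule:           # simplified outbound NAT entry on an egress interface
    iface: str
    src: str
    translate_to: str


def _match(net: str, addr: str) -> bool:
    return net == "any" or ip_address(addr) in ip_network(net)


def lookup_route(routes: List[Route], dst: str) -> Optional[Route]:
    """Longest-prefix match over the table; returns None if nothing matches."""
    best = None
    for r in routes:
        if ip_address(dst) in ip_network(r.prefix):
            if best is None or ip_network(r.prefix).prefixlen > ip_network(best.prefix).prefixlen:
                best = r
    return best


def forward(packet, in_iface: str, rules: Dict[str, List[Rule]],
            routes: List[Route], nat: List[NatRule]) -> dict:
    src, dst = packet
    # 1. Ingress interface rules: first match decides; no match means block.
    for rule in rules.get(in_iface, []):
        if _match(rule.src, src) and _match(rule.dst, dst):
            if rule.action == "block":
                return {"verdict": "blocked", "reason": f"explicit block: {rule}"}
            break
    else:
        return {"verdict": "blocked", "reason": f"no pass rule on {in_iface} for src {src}"}
    # 2. Route lookup for the destination.
    route = lookup_route(routes, dst)
    if route is None:
        return {"verdict": "dropped", "reason": "no route"}
    # 3. Outbound NAT only applies on the egress interface it is bound to.
    new_src = src
    for n in nat:
        if n.iface == route.iface and _match(n.src, src):
            new_src = n.translate_to
            break
    return {"verdict": "forwarded", "out_iface": route.iface,
            "next_hop": route.via or dst, "src_after_nat": new_src}


# --- constructed topology mirroring the thread's layout (assumptions) ---
ROUTES = [
    Route("0.0.0.0/0", "WAN", "203.0.113.1"),          # default via ISP
    Route("192.168.40.0/24", "VLAN40"),                  # connected
    Route("10.1.1.0/24", "VLAN40", "192.168.40.10"),     # static via RouterC
    Route("10.2.2.0/24", "VLAN40", "192.168.40.10"),     # static via RouterC
]
NAT = [
    NatRule("WAN", "192.168.40.0/24", "203.0.113.5"),
    NatRule("WAN", "10.1.1.0/24", "203.0.113.5"),
    NatRule("WAN", "10.2.2.0/24", "203.0.113.5"),
]
# Interface rule set that only passes the interface's own subnet ("VLAN40 net").
RULES_NET_ONLY = {"VLAN40": [Rule("pass", "192.168.40.0/24")],
                  "WAN": [Rule("pass", "any")]}
# Interface rule set that also passes the subnets routed in behind RouterC.
RULES_WITH_ROUTED = {"VLAN40": [Rule("pass", "192.168.40.0/24"),
                                Rule("pass", "10.1.1.0/24"),
                                Rule("pass", "10.2.2.0/24")],
                     "WAN": [Rule("pass", "any")]}

DESKTOP_TO_INTERNET = ("10.1.1.50", "8.8.8.8")
REPLY_TO_DESKTOP = ("8.8.8.8", "10.1.1.50")

if __name__ == "__main__":
    print(forward(DESKTOP_TO_INTERNET, "VLAN40", RULES_NET_ONLY, ROUTES, NAT))
    print(forward(DESKTOP_TO_INTERNET, "VLAN40", RULES_WITH_ROUTED, ROUTES, NAT))
    print(forward(REPLY_TO_DESKTOP, "WAN", RULES_WITH_ROUTED, ROUTES, NAT))
```

Running it prints a block for the first case, a forward out WAN with the source translated for the second, and for the reply a forward out VLAN40 with next hop 192.168.40.10, which is the path a real box would also take once the static route is in place. The model ignores state tracking and ICMP redirects, so it is a checklist aid for "which of the three steps is missing", not a substitute for pfSense's own packet capture and firewall log.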