OPNsense Forum

English Forums => General Discussion => Topic started by: mauzilla on April 17, 2024, 10:43:19 AM

Title: Traffic between 2 networks routed over WAN
Post by: mauzilla on April 17, 2024, 10:43:19 AM
We have 3 interfaces:


We're unable to route between the 2 networks connected to the opnsense box. From LAN I can access all LAN clients (as one should as they are all connected to the same switch).

On 10GBLAN (new network), I can ping the gateway and gain access to the internet (so in theory the LAN works)

I can however not ping from say 10.0.10.133 to 10.0.20.2 although I have an "allow all rule" in both interfaces (for testing obviously)

I am however able from LAN (10.0.10.133) to access the OPNsense firewall on 10.0.20.1, so access from LAN at least to the firewall on the different subnet is working

Same counts for the other way around, if I try to access anything from the 10GBLAN (10.0.20.2) and try to ping 10.0.10.133 (for example), it does not work.

Both LAN and 10GBLAN have access to the internet, so I am able to break out to the internet from both switches, meaning at least the opnsense box recognizes both interfaces and clients as it's able to route out to the internet

If I look at the Live view, it appears that when I try to ping / access 10.0.20.2 from 10.0.10.133 (say https://10.0.20.2, which is working), in the live view my interface does not show LAN but rather WAN, so it appears that the opnsense server does not route traffic over the LAN / 10GBLAN interfaces but rather attempts to send the request over the internet.

I feel I can rule out firewall as when I for example ping, the ping request in live view is green or "Accepted" but it's not routing the traffic between the 2 switches but rather over the internet.

I am a bit baffled as the config of the interfaces looks identical and at face value everything works.

Any ideas?
Title: Re: Traffic between 2 networks routed over WAN
Post by: Saarbremer on April 17, 2024, 11:03:06 AM
Do you have any policy based routing defined in your firewall rules, i.e. is the gateway set in one of them to sth different than standard / shown as * in the overview table?
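As an added illustration of the policy-based-routing check raised in the reply (example code, not from either poster or from OPNsense): a pass rule with a gateway pinned overrides the routing table for everything it matches, so an "allow all" rule on LAN with the WAN gateway set sends 10.0.10.x to 10.0.20.x traffic out WAN. The rule fields and subnets below are constructed from the thread; the field names are assumptions, not OPNsense's configuration format.

```python
import ipaddress

# Constructed routing table modelled on the thread: two directly connected
# subnets plus a default route out WAN.
ROUTES = [
    ("10.0.10.0/24", "LAN"),
    ("10.0.20.0/24", "10GBLAN"),
    ("0.0.0.0/0", "WAN"),      # default route via the ISP gateway
]

def route_lookup(dst):
    """Plain routing-table lookup: longest matching prefix wins."""
    best = None
    for net, iface in ROUTES:
        n = ipaddress.ip_network(net)
        if ipaddress.ip_address(dst) in n and (best is None or n.prefixlen > best[0].prefixlen):
            best = (n, iface)
    return best[1]

def egress_interface(src, dst, rules):
    """Egress the way a rule with a gateway set behaves (pf route-to):
    the first matching pass rule with a gateway wins over the routing table."""
    s, d = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    for rule in rules:
        if s in ipaddress.ip_network(rule["source"]) and d in ipaddress.ip_network(rule["destination"]):
            if rule["gateway"] != "*":
                return rule["gateway_interface"]
            break                       # matched, no gateway: normal routing applies
    return route_lookup(dst)

# Assumed "allow all" LAN rule with the WAN gateway pinned (the suspected misconfiguration).
PINNED = [{"source": "10.0.10.0/24", "destination": "0.0.0.0/0",
           "gateway": "WAN_GW", "gateway_interface": "WAN"}]
# The same rule with the gateway left at default ("*"): the routing table decides.
DEFAULT = [{"source": "10.0.10.0/24", "destination": "0.0.0.0/0",
            "gateway": "*", "gateway_interface": None}]

def audit(rules):
    """Flag rules whose gateway is set although their destination also covers
    a directly connected (non-WAN) network: those hijack inter-subnet traffic."""
    findings = []
    for rule in rules:
        if rule["gateway"] == "*":
            continue
        d = ipaddress.ip_network(rule["destination"])
        for net, iface in ROUTES:
            if iface != "WAN" and ipaddress.ip_network(net).subnet_of(d):
                findings.append((rule["gateway"], net))
    return findings

if __name__ == "__main__":
    print(egress_interface("10.0.10.133", "10.0.20.2", PINNED))   # WAN
    print(egress_interface("10.0.10.133", "10.0.20.2", DEFAULT))  # 10GBLAN
    print(audit(PINNED))
```

The fix the audit points at is either clearing the gateway on the catch-all rule or placing a rule without a gateway for the directly connected subnets above it.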