can't access IP on different subnet

Dan954

Cadet
Joined
Mar 26, 2016
Messages
2
Hello all,

I have two subnets on my LAN which are:
  • 10.0.0.0/24
  • 10.0.10.0/24
on my FreeNAS box I have configured one physical interface em0 via DHCP and one vlan interface (vlan10) with a static IP.

I can ping both IPs from my machine which is on the 10.0.10.0/24 subnet without problems, but I can't access the UI via the 10.0.0.0/24 IP or ssh on that IP.
The only IP that works with is the 10.0.10.0/24 IP. Any idea what could cause this?

Thanks.

A few things I already tried:
  • Port 443, 80, 22 aren't blocked on my firewall
 
Last edited:

DrKK

FreeNAS Generalissimo
Joined
Oct 15, 2013
Messages
3,630
There's only two things that can cause this:

1) Incomplete/incorrect configuration on the router
2) Incorrect configuration on the FreeNAS.

Can you show us the output of "ifconfig" on the FreeNAS box?

From the machine on the 10.0.10.0 side, can you ping the ROUTER'S INTERFACE ON THE 10.0.0.0 side? If not, the problem is in the routing.
 

Dan954

Cadet
Joined
Mar 26, 2016
Messages
2
I can ping the routers interface from the 10.0.10.0 side.

Code:
em0: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> metric 0 mtu 1500
        options=2098<VLAN_MTU,VLAN_HWTAGGING,VLAN_HWCSUM,WOL_MAGIC>
        ether 00:25:90:db:18:97
        hwaddr 00:25:90:db:18:97
        inet 10.0.0.35 netmask 0xffffff00 broadcast 10.0.0.255
        nd6 options=9<PERFORMNUD,IFDISABLED>
        media: Ethernet autoselect (1000baseT <full-duplex>)
        status: active
igb0: flags=8c02<BROADCAST,OACTIVE,SIMPLEX,MULTICAST> metric 0 mtu 1500
        options=6403bb<RXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,JUMBO_MTU,VLAN_HWCSUM,TSO4,TSO6,VLAN_HWTSO,RXCSUM_IPV6,TXCSUM_IPV6>
        ether 00:25:90:db:18:96
        hwaddr 00:25:90:db:18:96
        nd6 options=9<PERFORMNUD,IFDISABLED>
        media: Ethernet autoselect
        status: no carrier
lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> metric 0 mtu 16384
        options=600003<RXCSUM,TXCSUM,RXCSUM_IPV6,TXCSUM_IPV6>
        inet6 ::1 prefixlen 128
        inet6 fe80::1%lo0 prefixlen 64 scopeid 0x3
        inet 127.0.0.1 netmask 0xff000000
        nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>
        groups: lo
vlan10: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
        ether 00:25:90:db:18:97
        inet 10.0.10.50 netmask 0xffffff00 broadcast 10.0.10.255
        inet 10.0.10.55 netmask 0xffffff00 broadcast 10.0.10.255
        nd6 options=9<PERFORMNUD,IFDISABLED>
        media: Ethernet autoselect (1000baseT <full-duplex>)
        status: active
        vlan: 10 vlanpcp: 0 parent interface: em0
        groups: vlan
tap0: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> metric 0 mtu 1500
        options=80000<LINKSTATE>
        ether 00:bd:c1:d9:f8:00
        hwaddr 00:bd:c1:d9:f8:00
        nd6 options=1<PERFORMNUD>
        media: Ethernet autoselect
        status: active
        groups: tap
        Opened by PID 4352
bridge0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
        ether 02:50:11:0f:36:00
        nd6 options=1<PERFORMNUD>
        groups: bridge
        id 00:00:00:00:00:00 priority 32768 hellotime 2 fwddelay 15
        maxage 20 holdcnt 6 proto rstp maxaddr 2000 timeout 1200
        root id 00:00:00:00:00:00 priority 32768 ifcost 0 port 0
        member: tap1 flags=143<LEARNING,DISCOVER,AUTOEDGE,AUTOPTP>
                ifmaxaddr 0 port 7 priority 128 path cost 2000000
        member: em0 flags=143<LEARNING,DISCOVER,AUTOEDGE,AUTOPTP>
                ifmaxaddr 0 port 1 priority 128 path cost 20000
        member: tap0 flags=143<LEARNING,DISCOVER,AUTOEDGE,AUTOPTP>
                ifmaxaddr 0 port 5 priority 128 path cost 2000000
tap1: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> metric 0 mtu 1500
        options=80000<LINKSTATE>
        ether 00:bd:5e:e7:f8:01
        hwaddr 00:bd:5e:e7:f8:01
        nd6 options=1<PERFORMNUD>
        media: Ethernet autoselect
        status: active
        groups: tap
        Opened by PID 4391

Code:
Destination        Gateway            Flags     Netif Expire
default            10.0.0.1           UGS         em0
10.0.0.0/24        link#1             U           em0
10.0.0.35          link#1             UHS         lo0
10.0.10.0/24       link#4             U        vlan10
freenas            link#4             UHS         lo0
10.0.10.55         link#4             UHS         lo0
localhost          link#3             UH          lo0

Internet6:
Destination        Gateway            Flags     Netif Expire
::/96              localhost          UGRS        lo0
localhost          link#3             UH          lo0
::ffff:0.0.0.0/96  localhost          UGRS        lo0
fe80::/10          localhost          UGRS        lo0
fe80::%lo0/64      link#3             U           lo0
fe80::1%lo0        link#3             UHS         lo0
ff02::/16          localhost          UGRS        lo0
I tried pinging something on the 10.0.10.0 side from the 10.0.0.0 interface on the FreeNAS box, but that doesn't work (it does work with other devices on the 10.0.0.0 subnet). Something seems to be wrong on the FreeNAS side as if it refuses to use the 10.0.0.0 gateway.
 

DaveY

Contributor
Joined
Dec 1, 2014
Messages
141
Only other thing I can think of is your vlan tagging on the switch. If you can't ping the gateway, your switch port is probably not configured correctly. The GUI should automatically listen on all interfaces, but for ssh, double check the advance setting and make sure it's listening on all interfaces
 
Joined
Dec 29, 2014
Messages
1,135
My bet is that the problem device(s) have an incorrect subnet mask, probably the "natural" 255.0.0.0 for a 10.X.X.X network. The FreeNAS has the correct subnet mask and the packet arrives, but the problem host has the wrong subnet mask and tries to respond directly instead of sending the reply back to the router. Do you have wireshark on one of the problem machines? If not, get that and see if the pings make it there. My bet is still subnet mask.
 
Top