cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
571
Views
0
Helpful
1
Replies

SRP 527w talks to a pfSense firewall during traceroute

Mohammad Ammar
Level 1
Level 1

Hi,

Here is my weird situation; I have one LAN (managed by a SRP 527w) and within this LAN I have installed a pfSense box that acts as a Captive Portal for a bunch of access points that I have dedicated to guests.

The main LAN runs at 192.168.50.x

The pfSense LAN runs at 10.0.10.x and gets its LAN interface IP via DHCP

What is interesting is that when I do a traceroute from any client on the main LAN (192.168.50.x) I have the following result;

root@server:~# traceroute -nI 8.8.8.8

traceroute to 8.8.8.8 (8.8.8.8), 30 hops max, 60 byte packets

1  192.168.50.1  0.327 ms  0.400 ms  0.484 ms

2  * * *

3  * * *

4  172.18.1.161  41.923 ms  41.941 ms  42.110 ms

5  * * *

6  172.20.3.41  42.711 ms  43.628 ms  43.993 ms

7  172.19.1.37  43.287 ms  142.439 ms  142.949 ms

8  8.8.8.8  143.215 ms  144.205 ms  143.321 ms

The two dead hops in the previous trace made me use the in-built router's traceroute utility which gave me the following output;

traceroute to 8.8.8.8 (8.8.8.8)

30 hops max

40 byte packets

1 * * * 192.168.50.105 (192.168.50.105) Request timed out.

2 * * * 192.168.50.105 (192.168.50.105) Request timed out.

3 15.032 ms 69.019 ms 112.666 ms 172.18.1.161 (172.18.1.161)

4 * * * 192.168.50.105 (192.168.50.105) Request timed out.

5 106.353 ms 94.355 ms 98.338 ms 172.20.3.41 (172.20.3.41)

6 128.553 ms 59.874 ms 66.846 ms 172.19.1.37 (172.19.1.37)

7 29.897 ms 179.558 ms * 192.168.50.105 (192.168.50.105)

Trace complete.

As you can see, in the first two lines the router tries to trace through 192.168.50.105 which is the IP pfSense uses to interface with my LAN.

My router should Not be doing this since it is the main and only gateway on the network and the IGMP function is switched off.

Why is this happening?

Cheers

1 Reply 1

jeffrrod
Level 4
Level 4

dear Mohammad,

Thank you for reaching the Small Business Support Community.

It's been a few days since you first posted your request for support with no answer yet, therefore I suggest you to contact the Small Business Support Center to better address your inquiry;

https://www.cisco.com/en/US/support/tsd_cisco_small_business_support_center_contacts.html

I am sorry we could not be a better help for you but please get in touch with this department where I am sure you will find a promptly answer.

Kind regards,

Jeffrey Rodriguez S. .:|:.:|:.
Cisco Customer Support Engineer

*Please rate the Post so other will know when an answer has been found.

Jeffrey Rodriguez S. .:|:.:|:. Cisco Customer Support Engineer *Please rate the Post so other will know when an answer has been found.