icy-advantage-46802

12/30/2022, 3:21 PM
Hi guys, quick question if I may ask 🙂 I have a Netmaker server installed on AWS and 2 totally separate nodes which for some reason cannot ping each other, but if I connect the Ext Client it can ping every node in the network. Any ideas?

jolly-london-20127

12/30/2022, 3:23 PM
Are the nodes on AWS, and is UDP Hole Punching enabled?

icy-advantage-46802

12/30/2022, 3:32 PM
No, only the server is placed on AWS, and yes, UDP punching is enabled. One of the nodes is behind pfSense, if this matters. One of the nodes is behind pfSense and cannot ping the second node, but strangely enough the ext. client, which can ping all nodes, is also behind pfSense; that's why I think pfSense is not the issue in this case. BTW, I saw other people are complaining about the same issue. One of them told me that he had to install and connect netclient on the server and relay the traffic this way, and it worked, but he was not able to explain to me why.... I have no idea if this makes sense at all.
BTW, as I've said on LinkedIn, next week I have to present your solution to our CTO, but this is driving me crazy and I cannot figure out how to solve it.
I can relay the traffic through the gateway/Netmaker server, but this is not what I am looking for in my scenario.

jolly-london-20127

12/30/2022, 6:19 PM
The reason the Ext client works is because it is being "relayed." The Ext client is routing traffic through the Netmaker server. The Netmaker server is able to connect to all nodes, so all nodes are reachable from the Ext client.
As to why the nodes behind pfSense are not working, I am not sure. You may need to turn off UDP Hole Punching on those machines, and if it still doesn't work, you may need to forward the port from the router to the machine (51821).

icy-advantage-46802

12/30/2022, 6:25 PM
I'll try and report.
I've created a new network with UDP punching disabled ... no difference.
No ping between nodes.
I don't think pfSense has anything to do with that.

jolly-london-20127

12/30/2022, 7:22 PM
Are all the nodes behind the same router?

icy-advantage-46802

12/30/2022, 7:26 PM
Nope
Only one is behind pfSense and the other one is behind pure NAT.
Totally different networks and geo locations.
I used the same configuration a few months ago and everything was working as expected.
I think there is something in the last version which is causing this strange behaviour.
OK, so I managed to remove pfSense out of the equation and magically everything starts working as it should....
Now I am 100% positive that pfSense has something to do with this (no ping) problem.
It could be something related to UDP Hole Punching?
I fixed it 🙂
All you have to do is set a static port in the Outbound Rule for the port you are using, and make the same changes to the node on the server if the port you are using is different from 51821. In my case 51821 is occupied by the WireGuard package, so I am using 51825.
Here is the change I've made to the node on the server side
Here is the Outbound Rule with static port
I saw a lot of people looking for this solution, so if you think this will be helpful you can put it as a solution in your docs, or make a separate channel under the official one for pfSense users.