Connection between ipfire and pfsense

jhonfer3000

I'm trying to connect 2 firewall ipfire and pfsense both configured in virtualbox, ipfire as a perimeter firewall, with ip wan assigned by dhcp by the isp provider and lan internal network of virtualbox and pfsense as an internal firewall with ip wan assigned by dhcp in the internal network of virtualvox and lan 192.168.2.1, pfsense pings 8.8.8.8 and the wan of ipfire but the equipment connected to the pfsense LAN only does pin to pfsense LAN and WAN ip but not to 8.8.8.8, can you implement this solution or not?

viragomann

@jhonfer3000 said in Connection between ipfire and pfsense:

the equipment connected to the pfsense LAN only does pin to pfsense LAN and WAN ip but not to 8.8.8.8

So you do double NAT. Then I assume, that the LAN devices can as well ping the internal IP of ipfire.

If you have disabled NAT on pfSense, however, you have to care, that the ipfire nats the outbound traffic.

jhonfer3000

@viragomann said in Connection between ipfire and pfsense:

. Entonces asumo que los dispositivos LAN también pueden hacer ping a la IP interna de ipfire

hello thank you very much, it does not ping the ipfire internat network

viragomann

@jhonfer3000
Can pfSense ping it?

At least you said, pfSense can ping the WAN IP of ipfire. If the internal devices are not able to ping it check the outbound NAT.

jhonfer3000

@viragomann said in Connection between ipfire and pfsense:

@jhonfer3000
Can pfSense ping it?

At least you said, pfSense can ping the WAN IP of ipfire. If the internal devices are not able to ping it check the outbound NAT.

yes, as you say, I explain something that I just realized the ips I use are ipfire WAN 192.168.1.32 and LAN 192.168.10.1 and pfsense WAN 192.168.10.2 and LAN 192.168.2.1 and I am given the problem I commented on. But and installed again in other pfsense virtual machine only that I changed the LAN to 192.168.1.X and it works for me. I have internet and I ping at 10.1 and 10.2. but I want to solve the other thing I have created many NATs and I don't know, could it be that I disable NAT in ipfire or in pfsense?

jhonfer3000

@viragomann I think I have to find a way to get the 192.168.2.1 gateway assigned to me by PfSense to convert it to 192.168.1.1 in order to have access to the Internet or something similar, could it?

viragomann

@jhonfer3000
Of course, the devices behind pfSense have to use its LAN IP as default gateway. I presumed, that this is already given.

Best would be to disable the VirtualBox DHCP in this subnet and enable DHCP on pfSense. This set the proper gateway IP automatically.
Otherwise you have to configure the VirtualBox DHCP to hand out the correct gateway IP, but don't know, if this is even possible.