Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Connection between ipfire and pfsense

    Scheduled Pinned Locked Moved NAT
    7 Posts 2 Posters 654 Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • J
      jhonfer3000
      last edited by

      I'm trying to connect 2 firewall ipfire and pfsense both configured in virtualbox, ipfire as a perimeter firewall, with ip wan assigned by dhcp by the isp provider and lan internal network of virtualbox and pfsense as an internal firewall with ip wan assigned by dhcp in the internal network of virtualvox and lan 192.168.2.1, pfsense pings 8.8.8.8 and the wan of ipfire but the equipment connected to the pfsense LAN only does pin to pfsense LAN and WAN ip but not to 8.8.8.8, can you implement this solution or not?

      V 1 Reply Last reply Reply Quote 0
      • V
        viragomann @jhonfer3000
        last edited by

        @jhonfer3000 said in Connection between ipfire and pfsense:

        the equipment connected to the pfsense LAN only does pin to pfsense LAN and WAN ip but not to 8.8.8.8

        So you do double NAT. Then I assume, that the LAN devices can as well ping the internal IP of ipfire.

        If you have disabled NAT on pfSense, however, you have to care, that the ipfire nats the outbound traffic.

        J 1 Reply Last reply Reply Quote 0
        • J
          jhonfer3000 @viragomann
          last edited by

          @viragomann said in Connection between ipfire and pfsense:

          . Entonces asumo que los dispositivos LAN también pueden hacer ping a la IP interna de ipfire

          hello thank you very much, it does not ping the ipfire internat network

          V 1 Reply Last reply Reply Quote 0
          • V
            viragomann @jhonfer3000
            last edited by

            @jhonfer3000
            Can pfSense ping it?

            At least you said, pfSense can ping the WAN IP of ipfire. If the internal devices are not able to ping it check the outbound NAT.

            J 2 Replies Last reply Reply Quote 0
            • J
              jhonfer3000 @viragomann
              last edited by

              @viragomann said in Connection between ipfire and pfsense:

              @jhonfer3000
              Can pfSense ping it?

              At least you said, pfSense can ping the WAN IP of ipfire. If the internal devices are not able to ping it check the outbound NAT.

              yes, as you say, I explain something that I just realized the ips I use are ipfire WAN 192.168.1.32 and LAN 192.168.10.1 and pfsense WAN 192.168.10.2 and LAN 192.168.2.1 and I am given the problem I commented on. But and installed again in other pfsense virtual machine only that I changed the LAN to 192.168.1.X and it works for me. I have internet and I ping at 10.1 and 10.2. but I want to solve the other thing I have created many NATs and I don't know, could it be that I disable NAT in ipfire or in pfsense?

              1 Reply Last reply Reply Quote 0
              • J
                jhonfer3000 @viragomann
                last edited by

                @viragomann I think I have to find a way to get the 192.168.2.1 gateway assigned to me by PfSense to convert it to 192.168.1.1 in order to have access to the Internet or something similar, could it?

                V 1 Reply Last reply Reply Quote 0
                • V
                  viragomann @jhonfer3000
                  last edited by

                  @jhonfer3000
                  Of course, the devices behind pfSense have to use its LAN IP as default gateway. I presumed, that this is already given.

                  Best would be to disable the VirtualBox DHCP in this subnet and enable DHCP on pfSense. This set the proper gateway IP automatically.
                  Otherwise you have to configure the VirtualBox DHCP to hand out the correct gateway IP, but don't know, if this is even possible.

                  1 Reply Last reply Reply Quote 0
                  • First post
                    Last post
                  Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.