DUAL LAN
-
I Tried searching the forums and got no where.
heres the setup
wan1–----------- Lan1-------------- working Data 10.1.0.0
Pfsense working
wan2------------- Lan2-------------- Viop Traffic Not working 192.168.1.0I am lost when it comes to the lan side of the dual part. is there any way for lan1 to access lan2?
and lan2 to have internet access?
any help is greatly appreciated
Or does any one have a better idea on how to set up a Voip/data network that will not interfear with the Lan1 company (2 business under one Pfsense)
2 seperate switches == 2 different lans -
I haven't setup a second lan specifically for VOIP, but a second LAN is pretty easy. Just setup outbound NAT rules for the second LAN and firewall rules similar to the ones auto-created for the LAN…
-
So I would have to set the outbound manually?
Manual Outbound NAT rule generation (Advanced Outbound NAT (AON))
is that what I am going to have to do?
does anyonehave a Screen shot of the nat / firewall fig? if so please Just Insert dummy addresses and send to cpaulatwynnjonesdotcom
Just looking to keep pushing the pfsense envelope!
Great work! keep it up -
To give LAN2 internet access just add a rule on the LAN2 interface
Source LAN2 subnet
port any
dest any
port any
gateway WAN2this will send all traffic from LAN2 to WAN2
If you want to see how to do load balancing then take a look at:
http://doc.pfsense.org/index.php/MultiWanVersion1.2 -
in the interface assignment what do i put down as the interface ip address? 192.168.1.255/24?
i am a little lost the thing keeps thinking it is a wan interface not a lanand i do under stand the firewall rules but instead of the Wan2 could i just use the wan1 gateway instead?
also to clarify the two interfaces will not stray in to each others networks?also if i wanted to access the lan2 from lan1 could i just set some firewalll rules to access the bugger say port 80,22?
thank you for all your help!
-
Here are some example rules. These would allow the LAN to access the VOIP LAN, but the VOIP LAN could not initiate connections to the LAN. They would be routed out via two failover pools- failover1 being WAN fails to OPT1 and failover2 being OPT1 fails to WAN. In this example LAN net is 10.1.0.0/24 and VOIP net is 192.168.1.0/24. I haven't tried this config with Automatic NAT on.
Firewall, Rules:
LAN
PASS * LAN net * * * failover1 Allow all outbound LANVOIP (LAN2)
BLOCK * VOIP net * LAN net * * Block VOIP from LAN
PASS * VOIP net * * * failover2 Allow outbound VOIPNAT, outbound:
WAN 10.1.0.0/24 * * * * * No NAT LAN
OPT1 10.1.0.0/24 * * * * * No NAT LAN via 2nd WAN
WAN 192.168.1.0/24 * * * * * No NAT VOIP
OPT1 192.168.1.0/24 * * * * * No NAT VOIP via 2nd WAN -
I have folowed the example down to the T
and no dice the darn Trix box will not ping the gateway
192.168.1.1 (lan2) or google for that matter am i really forgetting to do someting?i have the lan2 interface set at 192.168.1.1
Thank you for all the help
Chase -
If your VOIP box can't ping the default gateway, there's something wrong that's not the firewall.
Verify the network config on your VOIP server- it's on the 192.168.1.x network, right? Default gateway is 192.168.1.1, subnet mask set correctly, etc. Check the physical link. Put a pc off that interface set to 192.168.1.100 or something and try to ping the lan2 interface, and the IP of the voip server. -
Yep did the pc install on the LAN2 could ping the VOip 192.168.1.2
but could not ping 192.168.1.1 (gateway/ Lan2 interface address)
pc ip address is 192.168.1.100i am not sure any more i redid all the load balance / failover rules but no luck
i also have this setup as this
wan–---- psudo lan2-----------Voip system 192.168.1.1 gateway not working
pfsense
wan2----- -----------lan1-----------linksysrouter----Voip system 192.168.1.1gateway Works pings and can acces internet.Thank you for all the help
-
LAN2: if you add a rule that allows all , with gateway as default - not load balanced, does it ping the gateway?
I am resetting my network here and I have the same sort of problem. 1.2 RC3
-
Nope did what you suggested no dice here
Chase
i am also running 1.2-RC2
Thank you
-
System, Advanced: check the box to disable the firewall. If you STILL can't ping, I would verify the hardware setup- NIC in the firewall, switch, etc…
