2 Firewalls (not carp) question
-
I want to add another pfsense behind my current pfsense firewall that will do some basic filtering. Anyway, can i put this firewall in and turn on advance Nat then disable all Nat policies and have the main firewall handle this?
Here is what i was thinking… Will this work?(172.20.0.1/25)-----DMZ1
--wan--PFsense(10.7.2.1/26) ---- (10.7.2.5/26-wan)PFsense 2 ---then a 192.168.7.1/24 lan network
(10.8.2.1/24) ----VLANIdeally have the pfsense box on the 10 do all the natting for the 192.168.7.x/24 network without natting it as I would like to stay away from double natting as much as possible.
I looked around the forums but want sure how to word this correctly.
Thanks,
cconk01
-
Yes, that's possible. Just make sure you put a static route in on the border pfsense that points to the internal pfsense for the internal network. If you wanted, you could just do a transparent firewall if you don't want any routing at all.
-
could i use ospf for this? is there any support on pfsense for ospf?
Thanks
-
OSPF isn't supported at this time. You only need one static route in this scenario, any routing protocol is overkill.
-
ok. Thanks for the help
cconk01