Multi LAN - Single Wan
-
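Thanks for the reply…
After changing it to manual NAT, one entry has been created.

| Interface | Source | Source Port | Destination | Destination Port | NAT Address | NAT Port | Static Port | Description |
|---|---|---|---|---|---|---|---|---|
| WAN | 90.0.0.0/24 | * | * | * | * | * | NO | Auto created rule for LAN |

and I've added

| Interface | Source | Source Port | Destination | Destination Port | NAT Address | NAT Port | Static Port | Description |
|---|---|---|---|---|---|---|---|---|
| WAN | 90.0.0.0/24 | * | * | * | * | * | NO | Auto created rule for LAN2 |

Am I doing the right things here?
Btw, can these rules manage to get LAN2 to appear in the ARP table? I've managed to modify the ARP tables to get my whole network's MAC addresses, to prevent users who might change their own IP address.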
-
That second line (the one for LAN2) should have a subnet of 90.0.1.0/24.
And no, if 90.0.1.0/24 is only reachable by a router, then MAC addresses for that subnet will not show up in the ARP table.
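
The two points in the reply above can be checked mechanically. This is an added example, not code from any poster or from pfSense: it only models subnet matching with the addresses quoted in the thread, and the names `audit`, `ATTACHED`, `STATIC_ROUTES`, `NAT_AS_POSTED` and `NAT_CORRECTED` are hypothetical.

```python
import ipaddress as ip

# Constructed inputs, using only the addresses quoted in this thread.
ATTACHED = {"LAN": "90.0.0.0/24"}                 # subnets the firewall has an interface in
STATIC_ROUTES = [("90.0.1.0/24", "90.0.0.201")]   # (network, gateway) for LAN2
NAT_AS_POSTED = ["90.0.0.0/24", "90.0.0.0/24"]    # both rules carry the LAN subnet
NAT_CORRECTED = ["90.0.0.0/24", "90.0.1.0/24"]    # second rule fixed per the reply


def _covered(net, nat_rules):
    """True if some outbound NAT rule's source network contains this subnet."""
    return any(net.subnet_of(rule) for rule in nat_rules)


def audit(attached, routes, nat_sources):
    """Map each internal subnet to its NAT coverage and layer-2 visibility."""
    on_link = [ip.ip_network(n) for n in attached.values()]
    nat_rules = [ip.ip_network(n) for n in nat_sources]
    report = {}
    for net in on_link:
        # Directly attached hosts answer ARP from the firewall itself.
        report[str(net)] = {"nat": _covered(net, nat_rules),
                            "arp_visible": True, "gateway_on_link": None}
    for network, gateway in routes:
        net, gw = ip.ip_network(network), ip.ip_address(gateway)
        report[str(net)] = {
            "nat": _covered(net, nat_rules),
            # Hosts behind a router are only ever seen with the router's MAC.
            "arp_visible": any(net.subnet_of(n) for n in on_link),
            # The next hop itself must sit in a directly attached subnet.
            "gateway_on_link": any(gw in n for n in on_link),
        }
    return report


if __name__ == "__main__":
    for label, rules in (("as posted", NAT_AS_POSTED), ("corrected", NAT_CORRECTED)):
        print(label)
        for subnet, facts in audit(ATTACHED, STATIC_ROUTES, rules).items():
            print(f"  {subnet}: {facts}")
```

With the rules as posted, 90.0.1.0/24 has no matching outbound NAT source; with the corrected rule it does, but it remains invisible to ARP on the firewall either way.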
-
Oops, sorry, yep, it's 90.0.1.0/24 :o my bad.
Is there any way I can get their MAC addresses? What about proxy/lusca_cache, will LAN2 get cached too?
-
You'd need to add that subnet into an ACL for squid, I don't use the lusca version so I can't say what that might entail.
No way to get their MAC unless everything was in one large subnet without an intermediate router.
-
What about static routes? Do I need to apply that also?
Here's my current:

| Interface | Network | Gateway |
|---|---|---|
| LAN | 90.0.1.0/24 | 90.0.0.201 |

-
Not sure what you're asking about applying them to. NAT? Squid? You don't need to do anything to them for static routes.
-
My squid doesn't seem to capture anything via lightsquid.
Same goes for LAN2, it still can't access anything on WAN (internet). Not sure what I missed here.
-
Squid doesn't seem to work for LAN2.
-
Did you add the LAN2 subnet to squid's list of authorized networks/subnets?
-
> Did you add the LAN2 subnet to squid's list of authorized networks/subnets?

Yep, I've already added that into that…
90.0.1.0/24
Still can't get LAN2 to go through the net via LAN1 -> WAN
-
Updated with attached layout.
-
Same Problem with me.
I'm using pfsense 1.2.3 release.
I have LAN (10.10.254.0/24), virbr2_ES (10.10.4.0/24), virbr0_SS (10.10.2.0/24), 1 WAN (dhcp 192.168.2.0/24).
NAT rules:

| Interface | Source | Source Port | Destination | Destination Port | NAT Address | NAT Port | Static Port | Description |
|---|---|---|---|---|---|---|---|---|
| WAN | 10.10.254.0/24 | * | * | * | * | * | NO | Auto created rule for LAN |
| WAN | 10.10.4.0/24 | * | * | * | * | * | NO | rule for virbr2_ES |
| WAN | 10.10.2.0/24 | * | * | * | * | * | NO | rule for virbr0_SS |

Firewall is friendly and blocks nothing.
DNS forwarder is active.

Mysterious things happen:
from LAN:
nslookup www.google.de
Server: 10.10.254.1
Address: 10.10.254.1#53
** server can't find www.google.de: REFUSED
------- and minutes later -------
nslookup www.google.de
Server: 192.168.2.100
Address: 192.168.2.100#53
Non-authoritative answer:
www.google.de canonical name = www.google.com.
www.google.com canonical name = www.l.google.com.
Name: www.l.google.com
Address: 74.125.79.104
Name: www.l.google.com
Address: 74.125.79.147
Name: www.l.google.com
Address: 74.125.79.99

The same on all "LANs", sometimes it works and sometimes not??
DNS is not the only problem.
When it works I can resolve names, but from the opt interfaces virbr2_ES and virbr0_SS
sometimes I can ping the internet (www.heise.de) and sometimes not.

Some ideas?
-
My static rule is:
Interface : LAN
Destination network : 90.0.1.0/24
Gateway : 90.0.0.201

Yet I still can't manage to get my LAN2 connected to the internet.
Here's my manual outbound.
![Firewall NAT Outbound.jpg](/public/imported_attachments/1/Firewall NAT Outbound.jpg)