Connecting two lans (pfsense) with static routing (RESOLVED)
-
Hello,
Please excuse my question, as it may be a newbie question, but I have spent hours trying to figure this out.
I have 2 networks:
LAN network 1 is 172.16.0.0/24
LAN network 2 is 172.16.1.0/24
I have 2 WAN internet connections coming in to each firewall, with different static IP addresses for each.
Both networks are connected by a router with the addresses of 10.40.34.128/27 and a gateway of 10.40.34.129.
Illustration below:
                              Vlan
                               |
          /--------------------+--------------------\
          |                 Router                  |
          |             10.40.34.128/27             |
          |                 Gateway                 |
          |              10.40.34.129               |
          \-----+-------------------------------+---/
                |                               |      |-----------Internet
                |                               |      |
Internet-----|  |                               |      |
           /-+--+-------\       STATIC        /-+------+---\
           |10.40.34.133|  route to LAN 2 ->  |10.40.34.134|
           |  pfsense1  |       STATIC        |  pfsense2  |
           | 172.16.0.1 |  <- route to LAN 1  | 172.16.1.1 |
           \-----+------/                     \-----+------/
                 |                                  |
           172.16.0.0/24                      172.16.1.0/24
                 |                                  |
               LAN 1                              LAN 2
What I am trying to do is set up a network link between the 2 pfsense firewalls so LAN 1 can talk to LAN 2 and LAN 2 can talk to LAN 1.
Interface settings on LAN 1 firewall:
WAN: 200.50.XXX.XXX
OPT 10.40.34.128/24 Gateway 10.40.34.129
LAN 172.16.0.1/24
Interface settings on LAN 2 firewall:
WAN: 200.50.XXX.XXX
OPT 10.40.34.128/24 Gateway 10.40.34.129
LAN 172.16.1.1/24
I appreciate any help or advice on this matter.
I have set up a static route on each pfsense that reads the following:
pfsense 1
Interface PRIVATE
Destination network 172.16.0.0/24
Gateway 10.34.40.134
pfsense 2
Interface PRIVATE
Destination network 172.16.1.0/24
Gateway 10.34.40.133
I can ping 10.40.34.133 from pfsense 2 but can't ping any LAN addresses behind it.
I can ping 10.40.34.134 from pfsense 1 but can't ping any LAN addresses behind it.
Thanks in advance
Rich
-
OK, I got it, and I think it was so stupid of me.
I needed to use the 10.34.40.xxx IP address prior to the pfsense I was trying to communicate with; it would be considered the last IP before my connection. Works great now.
So now I know the gateway is actually the last IP address prior to the router where the network you're trying to connect is, for a static route.
I had them backwards.
I have set up a static route on each pfsense that reads the following:
pfsense 1
Interface PRIVATE
Destination network 172.16.0.0/24
Gateway 10.34.40.133
pfsense 2
Interface PRIVATE
Destination network 172.16.1.0/24
Gateway 10.34.40.134
-
I don't understand your setup... Why do you do it this way? Is this a wireless access point (10.40.34.128/27)? Or is it because your boxes only have one WAN each?
-
No, not at all. I have a server account with SoftLayer and am running 2 ESX 4.0 servers. All my IP addresses are portable, and I have a public /27 portable and a private /27 portable VLAN, and I have no access to the router on the private LAN. I could have ordered one from them, but they took 2 weeks to get my portables connected right, and for me to connect the 2 server LANs together it was the only thing I could think of. It is working fine right now, as I have 2 DNS servers, one on each server, and they update each other. Just a big learning curve, but I am getting there, just having some other issues like having the 2 pfsense talk to each other; it keeps saying error reading data or something.
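A sanity check for static routes of the kind discussed in this thread, as an added example that is not from any poster. It uses the addresses from the diagram in the first post (link subnet 10.40.34.128/27, firewalls at .133 and .134); the function name, the dictionaries and the sample routes are constructed for illustration.

```python
import ipaddress

def check_static_route(link_if, local_lans, destination, gateway):
    """Return a list of problems with one static route (empty list = plausible).

    link_if     -- this firewall's address on the shared link, e.g. "10.40.34.133/27"
    local_lans  -- networks directly attached to this firewall
    destination -- network the route is meant to reach
    gateway     -- next-hop address for that network
    """
    iface = ipaddress.ip_interface(link_if)
    dest = ipaddress.ip_network(destination)
    gw = ipaddress.ip_address(gateway)
    problems = []
    # The next hop must be directly reachable, i.e. inside the link subnet.
    if gw not in iface.network:
        problems.append(f"gateway {gw} is outside link subnet {iface.network}")
    # A route pointing at the firewall itself forwards the packet nowhere.
    if gw == iface.ip:
        problems.append(f"gateway {gw} is this firewall's own address")
    # A directly attached network already has a connected route.
    for lan in map(ipaddress.ip_network, local_lans):
        if dest.overlaps(lan):
            problems.append(f"destination {dest} overlaps local network {lan}")
    return problems

# Constructed sample data based on the diagram in the first post.
PFSENSE1 = {"link_if": "10.40.34.133/27", "local_lans": ["172.16.0.0/24"]}
PFSENSE2 = {"link_if": "10.40.34.134/27", "local_lans": ["172.16.1.0/24"]}

if __name__ == "__main__":
    candidates = [
        ("pfsense1", PFSENSE1, "172.16.1.0/24", "10.40.34.134"),
        ("pfsense2", PFSENSE2, "172.16.0.0/24", "10.40.34.133"),
        ("pfsense1", PFSENSE1, "172.16.1.0/24", "10.34.40.134"),  # octets transposed
        ("pfsense1", PFSENSE1, "172.16.0.0/24", "10.40.34.133"),  # own LAN, own address
    ]
    for name, fw, dest, gw in candidates:
        issues = check_static_route(fw["link_if"], fw["local_lans"], dest, gw)
        print(f"{name}: {dest} via {gw} ->", "; ".join(issues) or "ok")
```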