
    Pfsense+Cisco 2621XM

      austinm6

      Hello everyone,

      My current setup is Internet-CableModem-pfSense-Switch-Devices

      pfSense gets the WAN's IP from DHCP. The LAN is 192.168.1.1 255.255.255.0

      What I would like to do is set up another network using a Cisco 2621. I would want to do:

      Internet-CableModem-pfSense-Switch<-PC's on 192.168.1.x 255.255.255.0
                                         Cisco 2621XM-Switch-PC's on another subnet. (I am open to any address and subnet)

      Does anyone know if this is possible? I have tried setting up the 2621 using DHCP on the side connected to 192.168.1.x (DHCP is on Windows Server 192.168.1.254) and it received an IP address fine. Then I set the other interface to 172.16.1.1 255.255.0.0

      The router is able to ping everything on 192.168.1.x and is able to ping internet websites. However, the devices in the 172.16.1.x network cannot ping past the 2621 (but can ping the router 172.16.1.1).

      If anyone can point me in the right direction, that would be extremely helpful. Thanks in advance!

      -Austin

        phil.davis

        pfSense needs:

        • a firewall rule allowing traffic from the 172.16.0.0/16 in on the LAN interface
        • a route added to 172.16.0.0/16 - that needs you to add a gateway 192.168.1.x (x is the address of the Cisco on the pfSense LANnet) and add a route going to that gateway. Then it knows how to return packets.
        • add manual NAT rules to pfSense WAN to NAT 172.16.0.0/16 as it goes out to the internet (192.168.1.0/24 gets NAT done automatically in the default setup)

        Others please comment if I have missed a step here, but I think that is enough to get a subnet behind the pfSense LAN to talk through it to the internet.

        As the Greek philosopher Isosceles used to say, "There are 3 sides to every triangle."
        If I helped you, then help someone else - buy someone a gift from the INF catalog http://secure.inf.org/gifts/usd/
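
The three changes listed in the reply above, as an added example that is not part of the original posts and is not pfSense code: a simplified Python model that reports which piece is still missing for an internet-bound packet from the 172.16.0.0/16 side as each change is applied. The dictionary keys, function names, the host 172.16.1.10 and the Cisco address 192.168.1.2 are assumptions made for illustration (the thread only gives 192.168.1.x).

```python
import ipaddress as ip

LAN_NET = ip.ip_network("192.168.1.0/24")    # pfSense LAN, from the thread
CISCO_NET = ip.ip_network("172.16.0.0/16")   # subnet behind the 2621XM, from the thread
CISCO_GW = ip.ip_address("192.168.1.2")      # assumed; the thread only gives 192.168.1.x

def default_config():
    """Simplified model of the default pfSense setup as the reply describes it."""
    return {
        "lan_pass_sources": [LAN_NET],  # LAN rule passes only the LAN subnet
        "static_routes": {},            # destination network -> gateway on LAN
        "outbound_nat": [LAN_NET],      # automatic NAT covers only the LAN subnet
    }

def missing_pieces(src, cfg):
    """List what stops an internet-bound packet from src completing a round trip."""
    src = ip.ip_address(src)
    problems = []
    if not any(src in net for net in cfg["lan_pass_sources"]):
        problems.append("firewall: no LAN rule passes this source")
    if src not in LAN_NET and not any(src in net for net in cfg["static_routes"]):
        problems.append("route: pfSense cannot return packets to this source")
    if not any(src in net for net in cfg["outbound_nat"]):
        problems.append("nat: source is not translated on WAN")
    return problems

def walk_through(src="172.16.1.10"):
    """Apply the reply's three changes one at a time and record what is still missing."""
    cfg = default_config()
    history = [missing_pieces(src, cfg)]
    cfg["lan_pass_sources"].append(CISCO_NET)      # rule scoped to the /16, not "any"
    history.append(missing_pieces(src, cfg))
    cfg["static_routes"][CISCO_NET] = CISCO_GW     # gateway plus static route
    history.append(missing_pieces(src, cfg))
    cfg["outbound_nat"].append(CISCO_NET)          # manual outbound NAT entry
    history.append(missing_pieces(src, cfg))
    return cfg, history

if __name__ == "__main__":
    final_cfg, history = walk_through()
    for step, problems in enumerate(history):
        print(f"after {step} change(s): {problems or 'ok'}")
    # A source outside both subnets is still refused by the scoped rule.
    print("10.0.0.5:", missing_pieces("10.0.0.5", final_cfg))
```

Because the added rule and NAT entry name 172.16.0.0/16 rather than "any", a source outside both subnets still fails all three checks after the changes.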

          austinm6

          Thank you so much! I did exactly as you implied and now 172 can reach 192 and the internet. Thanks again! :D
