LAN1->WAN1->LAN2->WAN2->internet
-
LAN1->WAN1->LAN2->WAN2->internet
LAN1 is my internal network with access to LAN2 and internet
LAN2 is my DMZ, sandwiched between an internal pfsense and an external pfsense. LAN2 can access the internet but is unable to access LAN1 in the current setup.
One solution may be to add an interface with a LAN2 IP address on the internal pfsense, use this IP as the new gateway in the external pfsense, and route LAN1 traffic to it. Will this work or is there a better solution?
-
Better to set up:
Lan1.....internal network
Lan2.....DMZ -----> pfsense ---> wan ---> internet
Route between lan1/lan2 as needed.
Your way seems unconventional since you have to break all bogon firewall rules to be able to access lan1 from lan2
if lan2 is on 192.168. ... or 10.0.0.. or 172.16.0...
-
Thank you for your advice on my setup (see attached). You are correct that lan2 is on 192.168.2.. My goal is for a DMZ system to mount an SMB share served on system 1.
Your suggested setup would have the DMZ LAN and internal LAN both behind one firewall. Yes?
-
Yep, different networks and route between them.