Access to the internet
-
hi everyone firstly want to say I'm new to the forum and this is my first post. also please apologies for my bad English.
I need some advice.
want to know this scenario is possible to configure in pfsense
scenario -
I have 2 WAN connections
eg- WAN 1 ( 4 Mbps)
WAN 2 ( 4 Mbps)I have 3 VLANs in my LAN
eg- VLAN 1 - Sales
VLAN 2 - HR
VLAN 3 - ITso I want to configure -
users in VLAN 1 can access internet only through the WAN 1 ( 4 Mbps)
users in VLAN 2 can access internet only through the WAN 2 ( 4 Mbps)
users in VLAN 3 can access internet using both WAN 1 and WAN 2 with load balance ( 8 Mbps)is this possible ??? please give me some advice
Thanks!!
-
::)
-
Yes, you can do that with policy-based routing. Use firewall rules to direct traffic from particular subnets or VLANS to specific WANs. I can't provide specific guidance since I odn't have this configuration to play with. Search these forums and online for policy-based routing info.
-
@KOM:
Yes, you can do that with policy-based routing. Use firewall rules to direct traffic from particular subnets or VLANS to specific WANs. I can't provide specific guidance since I odn't have this configuration to play with. Search these forums and online for policy-based routing info.
Thanks KOM I'll search that
-
https://doc.pfsense.org/index.php/What_is_policy_routing
And you'll need this for traffic between your VLANs:
https://doc.pfsense.org/index.php/Bypassing_Policy_Routing
-
That policy-based routing page is practically useless without some examples and I never link to it because of that.
-
Oh well. We have the documentation we have.
-
hi everyone
I found some detail about policy-based routing and did some changes but It didn't work for me.
Now what I want to do is -
users is VLAN 1 (network 10.238.56.0) give access to internet through WAN1
users is VLAN 2 (network 10.238.59.0) give access to internet through WAN2what I did in pfsense -
system–>gateways-->
1.create 2 gateways for my 2 WANs
2.create a gateway for my LAN
3.WAN1 is selected as default
4.routes added to my 2 networks
10.238.56.0
10.238.59.0
5.no gateway groups addedFirewall–> Rules-->LAN
1.added 2 rules for my 2 networks
Eg- LAN 1
Action - pass
Interface - LAN
Protocol - TCP
Source - type - network
address - 10.238.56.0/24
destination - type - single host or alias/network/wan1 net/wan1 address/wan2 net/wan2 address
address -
advance features –> Gateway - WAN1Eg- LAN 2 same as above
please can anyone tell me
1. what is the suitable for
destination - type - single host or alias/network/wan1 net/wan1 address/wan2 net/wan2 address
2.is that need to add rules for WAN1 and WAN2 in Firewall--> Rules
-
1. For internet access the destination should be any.
You should also be passing IPv4 any protocol, not just TCP.
2. You don't need any rules on WAN1 or WAN2 unless you want to pass connections FROM the internet INTO pfSense (you are running servers that internet users need to access).
-
1. For internet access the destination should be any.
You should also be passing IPv4 any protocol, not just TCP.
2. You don't need any rules on WAN1 or WAN2 unless you want to pass connections FROM the internet INTO pfSense (you are running servers that internet users need to access).
thanks Derelict for your quick response.. now I changed like you said but still both networks using same gateway for access to the internet
what about floating rules is that necessary??
-
No.
Firewall–> Rules-->LAN
1.added 2 rules for my 2 networks
Eg- LAN 1
Action - pass
Interface - LAN
Protocol - TCP
Source - type - network
address - 10.238.56.0/24
destination - type - single host or alias/network/wan1 net/wan1 address/wan2 net/wan2 address
address -
advance features --> Gateway - WAN1Eg- LAN 2 same as above
Can you do screenshots of both Firewall > Rules pages for both LAN interfaces? Both System > Routing > Gateways?
-
yes I can
-
-
Might be just me but those are mostly too low-resolution to read.
-
sorry
-
What's LANGW, a gateway group?
-
-
Yeah those images aren't any good either. Just attach the images using the attachment tool in the forum posting form. Works great. Not sure why people insist on doing something else.
-
Nope. Still just thumbnails for me. Dont have time to deal with why multiple browsers don't display postimg correctly. Post them so people can see them.
![Screen Shot 2015-08-30 at 12.33.21 AM.png](/public/imported_attachments/1/Screen Shot 2015-08-30 at 12.33.21 AM.png)
![Screen Shot 2015-08-30 at 12.33.21 AM.png_thumb](/public/imported_attachments/1/Screen Shot 2015-08-30 at 12.33.21 AM.png_thumb) -
Not for me they're not. Even after clearing cache 4 of 5 are still thumbnails.
![Screen Shot 2015-08-30 at 12.43.51 AM.png](/public/imported_attachments/1/Screen Shot 2015-08-30 at 12.43.51 AM.png)
![Screen Shot 2015-08-30 at 12.43.51 AM.png_thumb](/public/imported_attachments/1/Screen Shot 2015-08-30 at 12.43.51 AM.png_thumb)