Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Adding 3rd subnet to WAN

    Routing and Multi WAN
    2
    4
    697
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • F
      FuriouS
      last edited by

      We have had two subnets workin for some time. The datacenter no longer wants to use VRRF for new vlans and we need more IPs. They say they have routed the network to the WAN IP of our pfsense router, but I can't seem to get any connectivity going.

      I have created a VIP on each firewall inside the network range so I can create CARP entries. I can't figure out what the routes our gateway config setup needs to be since they are just routing the network to me there is no gateway or route settings to be done.

      My specific question is this:

      When a colo-provider is routing a network into my WAN IP address, how do I configure that network for use in pfsense? The old networks used VRRF from the provider so I had a gateway for each and they are up without issue.

      Example
      Carrier is routing 192.41.75.0/27 into my WAN IP of 192.41.65.225. How do I capture and route this network in pfsense?

      1 Reply Last reply Reply Quote 0
      • F
        FuriouS
        last edited by

        Another way to ask this is:

        If the default gateway for the first network was 192.41.80.1, and my firewalls IP is 192.41.80.5, and they are routing the new network of 192.41.81.0/27 to my IP, do I use the default gw for routing traffic back out on the new network?

        1 Reply Last reply Reply Quote 0
        • DerelictD
          Derelict LAYER 8 Netgate
          last edited by

          Do you want to use this new subnet for services hosted on pfSense, 1:1 NAT, port forwards, or actual hosts?

          Chattanooga, Tennessee, USA
          A comprehensive network diagram is worth 10,000 words and 15 conference calls.
          DO NOT set a source address/port in a port forward or firewall rule unless you KNOW you need it!
          Do Not Chat For Help! NO_WAN_EGRESS(TM)

          1 Reply Last reply Reply Quote 0
          • F
            FuriouS
            last edited by

            This turned out to be an access list issue with the data center provider. The had setup using VRRF prior to discovering the issue, so we're still using it but odds are it would have worked fine as configured.

            I guess we'll shift to the new configuration when we upgrade the hardware pfsense is running on.

            1 Reply Last reply Reply Quote 0
            • First post
              Last post
            Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.