2 different IP ranges - how to setup?
-
Hello,
until now my colleague had setup and maintained a pfSense 2.1.5-RELEASE (amd64), I am very new to that…
We have WAN on em0 and LAN on em1
Until now, everything was fine, we had one range of 5 IP
We bought a new range of 5 IP but of course they are not following the current range and the GW is different...
I tried millions of things in VIP, NAT, 1:1 rules, nothing is working
Anyone could help me on that please?Thanks a lot
Alex
-
For starters your on a unsupported version.. Why don't you get current, and then we can figure out your issue.
2.3.1 is the current version. 2.1.5 is few months shy of 2 years old.
-
As JP suggests, backup your config, install the latest release and re-import the settings from the backup, or do an in-place upgrade. I'm guessing here, but you may not have flushed the ARP cache on your firewall after amending the IP/routing (assuming you HAVE amended the IP/routing - you don't actually say so explicitly - in which case the issue is more to do with settings).
-
I prefer not to upgrade now because this firewall is in production and I dont want a system down on the eCommerce website he helps to access.
Here is what I did- added a new gateway on my WAN interface – see screenshot
- added a NAT to forward one of my new IP xxx.xxx.170.210 to an internal IP (port 3389)
Is there anything else I should do?
Where to flush ARP cache on the pfSense?
thanks a lot
-
How did they give you the new range? Did they route it to one of the existing IP addresses?
-
They just gave me the IP range like that:
Gateway: x.x.170.209
IP Range: x.x.170.210 - x.x.170.214
Netmask: 255.255.255.248They didnt told me anything
They are the company that is hosting our server in their datacenter.thanks
-
Same ethernet interface? Different ethernet interface?
-
SAME
-
They should not be giving you two layer 3 networks on one interface. They should be giving you a second interface or they should be routing the new network to your interface address on the existing interface.
-
thanks Derelict
actually I was focusing on the wrong spot…
I created VIPs and a second gateway and this was correct.
But the machine I wanted to reach had its @#$%^ firewall activated...