Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Question about Static Route

    Scheduled Pinned Locked Moved Routing and Multi WAN
    3 Posts 2 Posters 547 Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • T Offline
      TPCoMatt
      last edited by

      Hello - We are using a pfSense/Netgate device in a router-only setup, and are routing our own IPs on the LAN side, as well as have a BGP exchange with the ISP for a secondary set of IPs we own, i.e.:

      ISP Gateway (1.1.1.1/29)
|
|
pfSense WAN (1.1.1.2/29) -- BGP (Config for 3.3.3.0/24 exchange between ISP & pfSense)
pfSense LAN (2.2.2.0/24)
|
EdgeSwitch -- SecondaryFirewall WAN (2.2.2.247/24) 
|             SecondaryFirewall LAN (3.3.3.0/24)
|
Firewall WAN (2.2.2.5/24)
Firewall LAN (192.168.0.0/16)

      We need to make it so that "3.3.3.0/24" traffic/devices can pass traffic to/from the internet, via the 2.2.2.247 device, but I'm not seeing how/where this can be done.

      Do I add a 'static route' in pfSense?  If so, so I need to create a 'Gateway' at 2.2.2.247, so the static route has a gateway to go through?

      I'm a bit lost here, and any assistance would be greatly appreciated.  Thanks!!

      1 Reply Last reply Reply Quote 0
      • V Offline
        viragomann
        last edited by

        @TPCoMatt:

        Do I add a 'static route' in pfSense?  If so, so I need to create a 'Gateway' at 2.2.2.247, so the static route has a gateway to go through?

        Yes.

        Basically you need two routes for accessing the internet: the upstream route and the downstream route.
        For the upstream route you have to set the ISP gateway as default gateway on the external firewall and select it in the WAN interface settings. On the secondary firewall you have to the same with the external FW's LAN address.
        For the downstream you need a static route on the external firewall. First set 2.2.2.247 as gateway (not default!) and then add a static route for 3.3.3.0/24 and select 2.2.2.247 for the GW to be used.

        1 Reply Last reply Reply Quote 0
        • T Offline
          TPCoMatt
          last edited by

          @viragomann:

          @TPCoMatt:

          Do I add a 'static route' in pfSense?  If so, so I need to create a 'Gateway' at 2.2.2.247, so the static route has a gateway to go through?

          Yes.

          Basically you need two routes for accessing the internet: the upstream route and the downstream route.
          For the upstream route you have to set the ISP gateway as default gateway on the external firewall and select it in the WAN interface settings. On the secondary firewall you have to the same with the external FW's LAN address.
          For the downstream you need a static route on the external firewall. First set 2.2.2.247 as gateway (not default!) and then add a static route for 3.3.3.0/24 and select 2.2.2.247 for the GW to be used.

          Thanks!  That worked perfectly!!

          1 Reply Last reply Reply Quote 0
          • First post
            Last post
          Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.