Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    How to connect a Asus router to pfsense

    Scheduled Pinned Locked Moved NAT
    7 Posts 3 Posters 3.9k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • K
      kjgas
      last edited by

      Hi,

      I have a network with mulitiple vlans, using pfsense 2.4.3.
      I would like to use an extern Asus RT-N66U router on one of my vlan that handle all the firewall and network. Then the owner of that vlan can connect to this Asus router and manage his network like he want to.
      I want all the traffic to through pfsense directly to the Asus router like a tunnel from Wan to Asus.

      How can I set this up?

      1 Reply Last reply Reply Quote 0
      • V
        viragomann
        last edited by

        So I assume, you want to use a specific WAN address to be forwarded to that network.
        If so, set up a 1:1 NAT with that public IP and the internal IP of the router and add a firewall rule to WAN which allow anything to the router IP.

        So any access to that specific WAN IP is forwarded to the ASUS router and upstream packets get that WAN IP when leaving pfSense on WAN.

        1 Reply Last reply Reply Quote 0
        • K
          kjgas
          last edited by

          Hi, thanx for your reply

          This is pretty much what I had in mind, but I don't think I have two WAN ip adresses available. My pfSense is connected directly to my fiber-cat6 converter, and I pay extra for a static IP.
          My ISP told me that my fiberport was set up to static IP and therefore I may not get another WAN ip adress. But the guy wasn't quite sure.

          The best would be if my Asus router used the same WAN ip adress as the rest of my Vlans. Is that possible?

          1 Reply Last reply Reply Quote 0
          • V
            viragomann
            last edited by

            With a single WAN IP it's not possible to use the same services on multiple internal servers. For instance if want to provide web services you can only forward the ports 80 and 443 to one single internal server.
            So if the customer provide network services you can forward the ports by Firewall > NAT > Port froward, but you cannot use these ports on the other networks.

            For outgoing connection this will be no problem. There are also no special settings necessary for that.

            1 Reply Last reply Reply Quote 0
            • K
              kjgas
              last edited by

              Yes I understand what you mean.

              As long as I skip any services to that router, can I set up a any-any firewall roule and then the Asus is in a DMZ zone?

              1 Reply Last reply Reply Quote 0
              • V
                viragomann
                last edited by

                Yes, in conjunction with a NAT portforwarding rule, any incoming connection will be forwarded to the ASUS router.

                1 Reply Last reply Reply Quote 0
                • I
                  ilovedongle
                  last edited by

                  First give the Lan IP address to the same subnet as the pfSense,
                  Turn off DHCP from the router,
                  Connect cable From the LAN side of the wireless router to the pfsense interface.
                  do not use the internet on the wireless router.

                  1 Reply Last reply Reply Quote 0
                  • First post
                    Last post
                  Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.