2 pfSenses, 2 WAN and 1 Local Server

sarmad

What i am trying to solve is to find a way that i can access the LAN in place1 from place2 and vice versa and use internet1 just in place1 and internet2 just in place2.
So the connection between two nanos just to pass the LANs packets to be more fast without need to pass the internets over the nanos.

sarmad

If i put OPT1 interface in pfsense2 with ip from lan1 subnet and make routing will work?

sarmad

I made the following:
pfsense1 - place1:

WAN (public static ip/28 - ISP default gateway - Internet connection1 10Mbps)
LAN 192.168.0.200 (192.168.0.0/24 - no default gateway)
Gateways:
- GW_WAN (default) (ISP default gateway)
- pfsense2_OPT1 192.168.0.201 (not a default gateway)
Static Routes
- Destination network 10.0.0.0/24 - gateway 192.168.0.201
Bypass firewall rules for traffic on the same interface checkbox is checked

pfsense2 - place2:

WAN (public static ip/25 - ISP default gateway - Internet connection2 20Mbps)
LAN 10.0.0.200 (10.0.0.0/24 - no default gateway)
OPT1 192.168.0.201 (default gateway 192.168.0.200)
Gateways:
- GW_WAN (default) (ISP default gateway)
- pfsense1_LAN 192.168.0.200 (not a default gateway)

The connection between pfsesne1- LAN and pfsense2-OPT1 is done by a NANO connection

NANO1 192.168.0.2/24 connected to the same subnet of pfsense1
NANO2 192.168.0.3/24 connected directly to pfsense2-OPT1

now all PCs on the both sides can ping each others. But when i connect to internet in place 2, appear for me that i am using the public ip 2 but the speed of internet1 10Mbps. so the internet speed is the same in both sides

Derelict

Don't do it like that. Create a transit network and put the nano bridges on that.

Bypass firewall rules for traffic on the same interface checkbox is checked

If you have to use that checkbox you are almost certainly doing it wrong.

sarmad

i will do, but have to make a load balance?

Derelict

No. If you WANT to you can create a gateway group using the ISP and the wireless gateways so if one side's ISP goes down it could have internet over the wireless, but that is independent of the static route to just the other side's LAN.

sarmad

thanks Derelict
i made exactly the same design that you suggested and worked perfectly for two days and the ping from a pc in LAN1 to a pc in LAN2 was stable. Today, the ping from a pc in LAN1 to the NANO2 (connected directly to OPT2) is stay stable, but the ping from a pc in LAN1 to a pc in LAN2 isn't stable all the time.

Derelict

Not sure what you are expecting from us there. Transient internet problems can and do occur. Wireless interference can and does occur.

sarmad

but i am not using the internet to connect the other side, i am using the nano connections, and the nano connection is stable because the ping of other side nano is stable.

Derelict

Well I can safely say that "It's not pfSense."