Different subnets on one interface for Internet

tonysky

Hi all,

I have set up a PfSense 2.4.4 with a nic for WAN and another for LAN (192.168.1.1).
Until now, everything worked fine, because all my network assets were with IP like 192.168.0.0/16
Today I have to add new assets that are connected to my network with VPN.
Created a new gateway with the router's IP address 192.168.20.254. This router communicates with other ones. For example, the router's IP address on another site is 192.161.20.254
So in PFSense I created :

• a gateway (192.168.20.254) on nic LAN
• a static route to 192.161.0.0/16 via gateway 192.168.20.254
• I checked the option for bypassing firewall rules on same interface

As a result, for a computer on the site with IP address 192.161.2.1 (obtained via Windows server DHCP), I can ping every router (192.161.20.254, 192.168.20.254) and I can ping PFSense's IP 192.168.1.1 I can also access network shares or web applications.
But I can't go on the Internet.
Moreover, the network is not considered as a domain one (but a public one)
What do I forget to make it work ? NAT ? FW rule(s) ?

Thank you for all your replies !

chpalmer

You should not have a Gateway on your LAN interface.