Allow LAN to LAN, not routing
-
@lewis said in Allow LAN to LAN, not routing:
Yes, our traffic is allowed, it's me that is not sure what to do on our end as I don't want to break something.
I already explained this is beyond my level of knowledge with pfsense and you keep telling me it's simple, do this, do that but I've never done it before so cannot follow such advise.
Could someone please explain the steps, one by one.
So, can someone please give me the steps?
Please don't be offended, but it really sounds like you need to hire someone who knows what they're doing.
-
That's not very nice. I already explained that this kind of setup is new to me. I've been using pfsense for many years but I simply cannot mess this up since it's not my network to practice or learn on.
What's the point of a 'community' helping each other when they only help those who already know how.
-
Thing is, you have been told several times what steps are necessary. You are asking someone to spend at least a good part of an hour outlining the steps one by one for you.
Why should someone do that and not be compensated?
There is a difference between asking a question and demanding someone be your personal, uncompensated, consultant.
That is why you do not yet have a list of exact steps to take.
-
Demanding??????
There is no 'thing is'. I've never done this before and I added something that had not been mentioned/asked about in my original post so now I'm not sure what is what.
You help each other all the time, don't give me this nonsense about not being paid, you replied. I'm not asking for the world here, I'm asking for a little help from kind human beings which is what forums are all about.
What kind of stupid world are we building anyhow? I help people all the time and now I ask for a little help and you come back with this garbage that is said all the time in forums.
Just don't respond then and let someone help find the kindness to instead of motivating others not to. I've been struggling with this all day, I sure don't need your high and mighty hate friend.
Very nice community friend, very nice.
-
@lewis Please don't overreact. We're empathetic to your issue and you have received lots of replies and guidance. Derelict was being straight-forward even if it wasn't easy to hear.
If you want to go the static route method, you would need to know the network you want to connect to, possibly 10.0.1.0/24, and the address of their gateway. You can't create a route without it. Also, they would have to modify their firewall rules to allow you to talk to that NFS server or nothing will work.
I can't seem to find it here, but did you mention what the other network is connected to? Your diagram makes it look like they're connected directly to your pfSense instance and that probably isn't right.
-
You can try to justify your online friends behavior all you want but it's far from being straight forward. It's just unfriendly, rude and it's mean as the person receiving it.
There is no excuse for high and nightly behavior and only helping those who are already experts. Don't freaking help if you feel your help is worth too much that you cannot help those who are still learning.No one needs to be told these things in forums, it's absolutely insulting when you can clearly tell when someone is trying. I've been in forums long enough to tell when someone just wants the answers and is not willing to learn and this is not the case.
I said many times, I've never done this before, it's a live network that I cannot mess up.
I don't need any help at this point. I had to hire someone to do this tomorrow. Thanks so much for the help that was NEVER demanded. Such childish behavior in what I would have thought were professional forums.
-
huh? Just at a loss to how this got to you saying help and advice to you is offensive..
Your drawing looks like that 10.0.1 network is attached to your pfsense directly.. Which as already mentioned seems highly unlikely if your in a data center.
Your saying you have an interface on pfsense, a physical interface or vlan that is actually in the 10.0.1 network? And pfsense has an IP on this interface that is in this network? So all your devices are on the same L2? In a DC, and you just run whatever IP ranges you want? Again highly unlikely... I would not be in such a DC with my stuff that is for damn sure..
If you want to share data with another customer in the DC, then the DC would have to connect your networks, or provide a transit network between, etc..
As to your concern about routing? Sorry but its not possible for 2 different networks to talk to each other with out routing.. I have to concur with the other comments, you seem to be over your head.. And its prob best to hire the DC or someone that works with the DC where your stuff is located on how you and another customer there can share data..
-
Don't twist my words, I never said that.
I'm done with this thread if you're all going to try to justify shitty behavior. Talk to yourselves, get the lat word in if it means that much to you at this point because I'm not going to respond.
-
It's unclear exactly how these subnets are connected and we need to know that before we can tell you what steps are required.
I think most will have assumed that you have a subnet behind a pfSense firewall and your neighbour has a different subnet behind some other firewall router. Is that correct?
The diagram implies it might just be one pfSense instance in front of both subnet which would be very different.
If it's two firewalls, which seems more likely, the correct way to do this is to link those firewalls using a new connection. That might just be a Ethernet cable directly if you have spare interfaces. Setup a small transit subnet on that link and then route traffic between the LANs across it.
If you don't have interfaces you might be able to route via the WAN if they share a WAN side subnet. Or use a tunnel of some sort.
Steve
-
@lewis said in Allow LAN to LAN, not routing:
I said many times, I've never done this before, it's a live network that I cannot mess up.
My point exactly.
