Route Between two pfSense boxes
-
This post is deleted! -
I hope you're not using NAT on box 2. Also, why even have 2 instances of pfSense, when you can simply have 2 subnets on just 1 of them.
-
I do have NAT setup on box 2 because it's essentially being used to route all Subnet 2 traffic through a VPN. What could I do to keep this current setup, but be able to communicate with hosts on subnet 1?
-
Use routing, instead of NAT. You go into System > Routing to do that. You can do it for both IPv4 and IPv6.
-
Will my VPN keep working if I do this? The setup guide for the VPN told me to do Manual Outbound NAT rule generation on the pfSense 2 box.
-
It has no effect on a VPN. Also, you normally don't have a VPN on the same subnet as the LAN. It would have it's own subnet. The exception would be if the VPN used TAP mode.
This illustrates what the IPv4 address shortage has done. People are so used to using NAT, they think it's the way things are supposed to be done. No, it's a hack to get around the address shortage and often cause problems.
-
The two pfSense boxes can ping ALL of each others' interfaces.
But the hosts within each respective Subnet can not be pinged. I think I may have taken a step back in terms of making things work. Here is a new more accurate diagram with some pfsense parameters attached.
