• Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login
Netgate Discussion Forum
  • Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login

Routing Issue

Scheduled Pinned Locked Moved General pfSense Questions
7 Posts 4 Posters 2.8k Views
Loading More Posts
  • Oldest to Newest
  • Newest to Oldest
  • Most Votes
Reply
  • Reply as topic
Log in to reply
This topic has been deleted. Only users with topic management privileges can see it.
  • S
    Smakynet
    last edited by Jul 30, 2008, 3:44 PM

    My network:

    WAN<-pfsense(.1)->LAN1(192.168.1.0/24)<–->(.5)Point-to-Point T1 Router(.254)<--->LAN2(192.168.2.0/24)

    Gateway for LAN1 is the pfsense-box (192.168.1.1)
    Gateway for LAN2 is the router (192.168.2.254)

    What would I need to do on the pfsense firewall to allow LAN1 to communicate with LAN2 and allow LAN2 access to the internet?

    1 Reply Last reply Reply Quote 0
    • G
      GruensFroeschli
      last edited by Jul 30, 2008, 3:54 PM

      Create a static route on pfSense for 192.168.2.0/24 pointing to 192.168.1.254.

      Set the default gateway on all clients in the LAN2 to 192.168.2.x (IP of your second router).

      We do what we must, because we can.

      Asking questions the smart way: http://www.catb.org/esr/faqs/smart-questions.html

      1 Reply Last reply Reply Quote 0
      • S
        Smakynet
        last edited by Jul 30, 2008, 4:55 PM

        Do I have to do anything for the outbound NAT?

        1 Reply Last reply Reply Quote 0
        • G
          GruensFroeschli
          last edited by Jul 31, 2008, 12:15 PM

          Only if you want the subnet behind your second router NATed (which you probably want).
          http://forum.pfsense.org/index.php/topic,7001.0.html

          We do what we must, because we can.

          Asking questions the smart way: http://www.catb.org/esr/faqs/smart-questions.html

          1 Reply Last reply Reply Quote 0
          • R
            razor2000
            last edited by Aug 1, 2008, 5:42 AM

            @GruensFroeschli:

            Create a static route on pfSense for 192.168.2.0/24 pointing to 192.168.1.254.

            Set the default gateway on all clients in the LAN2 to 192.168.2.x (IP of your second router).

            GruensFroeschli,

            Correct me if I am wrong, but wouldn't Smakynet have to create the static route to the 192.168.2.0/24 network pointing to (using) 192.168.1.5?
            I am gathering that the point-2-point T1 device circuit has ip's of 192.168.1.5 and 192.168.2.254 from his description.

            Let us know your thoughts….. Thanks!

            1 Reply Last reply Reply Quote 0
            • G
              GruensFroeschli
              last edited by Aug 1, 2008, 10:27 AM

              Yes you're right.
              It's kind of hard to read these line-ascii-diagrams :)
              I thought the router2 has 192.168.1.254 as WAN.

              We do what we must, because we can.

              Asking questions the smart way: http://www.catb.org/esr/faqs/smart-questions.html

              1 Reply Last reply Reply Quote 0
              • C
                cmb
                last edited by Aug 3, 2008, 12:44 AM

                @GruensFroeschli:

                Only if you want the subnet behind your second router NATed (which you probably want).
                http://forum.pfsense.org/index.php/topic,7001.0.html

                Not even in that case. All locally connected subnets, whether locally attached or configured via static route automatically have outbound NAT rules created for every WAN interface. This is true in 1.2 RC versions and newer at least, probably some 1.2 beta releases prior to RC. I don't recall exactly when it was added but it's been that way for a while. You only need AON if you require static port or have some complex NAT needs requiring you to disable the aforementioned automatic behavior.

                I updated the linked page to reflect this.

                1 Reply Last reply Reply Quote 0
                7 out of 7
                • First post
                  7/7
                  Last post
                Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.
                  This community forum collects and processes your personal information.
                  consent.not_received