How-to setup 2 WANs + 2 pfsense + 1 DMZ + 3 LANs



  • Hi everybody, ;D

    I am new to pfsense :D so I would like to have help and advice on how to set up 2 WANs + 2 pfsense + 1 DMZ + 3 LANs. Please see the schema below.

    WAN0 (Nic0)          DMZ0                    _____LAN1(Port2)
        \                  |                    |
        \                |                    |
          \pfsens0 (Nic2)---pfsense1(Nic3)---Switch0---------LAN0(Port1)
          /                                      |
        /                                      |_____LAN3(Port3)
        /
    WAN1 (Nic1)

    Please see below for the IP addresses that I intend to use. I don't know what default gateway and DNS IP to use for all LANs as I am confused :(. Also, please correct me if my IP settings are not correct.

    WAN0: Static IP: 70.169.215.103 Subnet: 255.255.255.24x Default Gateway: 70.169.215.102 DNS1: 240.200.189.34 DNS2: 240.200.189.35

    WAN1: Static IP: 34.69.200.89 Subnet: 255.255.255.24x Default Gateway: 34.69.200.90 DNS1: 240.200.189.34 DNS2: 240.200.189.35

    pfsense0: Static IP: 192.168.0.1 Subnet: 255.255.255.0 Default Gateway: 192.168.0.1 DNS1: 192.168.0.1

    pfsense1: Static IP: 192.168.1.1 Subnet: 255.255.255.0 Default Gateway: 192.168.1.1 DNS1: 192.168.1.1

    DMZ0: Static IP: 192.168.0.250 Subnet: 255.255.255.0 Default Gateway: 192.168.0.1 DNS1: 192.168.0.1

    LAN0: Static IP: 192.168.2.1 Subnet: 255.255.255.0 Default Gateway: ???.???.???.??? DNS1: ???.???.???.???

    LAN0: Static IP: 192.168.3.1 Subnet: 255.255.255.0 Default Gateway: ???.???.???.??? DNS1: ???.???.???.???

    LAN0: Static IP: 192.168.4.1 Subnet: 255.255.255.0 Default Gateway: ???.???.???.??? DNS1: ???.???.???.???

    I use ipcop presently.

    Thanks in advance. :D

    debuguser



  • I've gotten pretty good at setting up pfsense boxes, even made some money on a few, but the way I started was to make a simple router work, and then pfsense is very easy for adding features\hardware in the mix.



  • I've gotten pretty good at setting up pfsense boxes, even made some money on a few, but the way I started was to make a simple router work, and then pfsense is very easy for adding features\hardware in the mix.

    I have no problem setting up a single router connection.



  • then do a simple router setup plus 1 wan



  • @bricekrispy:

    then do a simple router setup plus 1 wan

    Thanks for the quick answer. I have no problem with the second WAN, pfsense has a very good tutorial on this. What I really need is from the 1st pfsense to my 3 LANs, and correct DNS settings if mine are not correct.

    Thanks



  • Hello,

    It's not clear what the address is between the link pf0 and pf1. If you configure
    ---
    pfsense0: Static IP: 192.168.0.1 Subnet: 255.255.255.0 Default Gateway: 192.168.0.1 DNS1: 192.168.0.1
    pfsense1: Static IP: 192.168.1.1 Subnet: 255.255.255.0 Default Gateway: 192.168.1.1 DNS1: 192.168.1.1

    in between, then it's never gonna work. Set pf1 to 192.168.0.2, or whatever address within the same subnet as pf0 resides in, and all the LANs under pf1 should point to pf1 as their default gateway, DNS too if masq is enabled. pf1 should point to pf0 as its gateway/DNS. pf0 should know that there are LANs behind pf1, so add static routes that point back to pf1. It's also a good idea if pf1 is configured in "bridged" mode. I may have missed your point, but hope this helps.

    cheers,



  • Can I help to find the right way???
    1. You have 2 pfSense machines?
    2. Every pfSense has NICs (number them all, and list all IPs here)
    3. There is a difference between the NIC configuration on pfSense and the stations' configuration (subnet behind "pfSense1")

    Configuration with 1 router ("pfSense0") works fine… No additional tasks required!
    Now "pfSense0" must know which subnets it must pass to "pfSense1" (so you must write a static route on "pfSense0" for each subnet working behind "pfSense1" like). On "pfSense1" you must use only 1 "default Gateway" on the NIC that looks to "pfSense0" (it will be the WAN for this router). No additional steps required.

    I think you must understand the principles of routing...
    Now, the sample configuration:
    "pfSense0" NICs: pfSense0WAN0, pfSense0WAN1, pfSense0DMZ, pfSense0LAN
    "pfSense1" NICs: pfSense1WAN0, pfSense1LAN0, pfSense1LAN1, pfSense1LAN2

    pfSense0WAN0 :Static IP: 70.169.215.103 Subnet: 255.255.255.24x Default Gateway: 70.169.215.102
    pfSense0WAN1 :Static IP: 34.69.200.89 Subnet: 255.255.255.24x Default Gateway: 34.69.200.90
    pfSense0LAN    :Static IP: 192.168.0.1 Subnet: 255.255.255.0
    pfSense0DMZ  :Static IP: 192.168.1.1 Subnet: 255.255.255.0

    pfSense1WAN0 :Static IP: 192.168.0.2 Subnet: 255.255.255.0 Default Gateway: 192.168.0.1
    pfSense1LAN0  :Static IP: 192.168.2.1 Subnet: 255.255.255.0
    pfSense1LAN1  :Static IP: 192.168.3.1 Subnet: 255.255.255.0
    pfSense1LAN2  :Static IP: 192.168.4.1 Subnet: 255.255.255.0

    now we have IPs, but have no routes. Add static routes on "pfSense0":
    1. Destination network : 192.168.2.0/24 Gateway: 192.168.0.2
    2. Destination network : 192.168.3.0/24 Gateway: 192.168.0.2
    3. Destination network : 192.168.4.0/24 Gateway: 192.168.0.2

    now, we have configured  both routers...
    now, we'll configure the STATIONS in subnets, not routers!
    in subnet DMZ you must use 192.168.1.1 as default gateway,
    in subnet LAN0 you must use 192.168.2.1 as default gateway,
    in subnet LAN1 you must use 192.168.3.1 as default gateway,
    in subnet LAN2 you must use 192.168.4.1 as default gateway.

    now disable DNS Forwarding on "pfSense1" and in all subnets use 192.168.0.1 as DNS

    Don't forget about Firewall rules!!!

    Any questions?
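
An added example, not part of any post in this thread: a small Python check of the two addressing plans discussed above (the original plan with pf1 on 192.168.1.1, and the suggested plan with pf1 on 192.168.0.2 plus static routes on pf0). The function names and the dictionary layout are assumptions made for this illustration; the addresses are the ones given in the thread.

```python
import ipaddress as ip

def on_link(ifaces, addr):
    """Name of the interface whose subnet contains addr, or None."""
    for name, cidr in ifaces.items():
        if ip.ip_address(addr) in ip.ip_interface(cidr).network:
            return name
    return None

def owned(ifaces):
    """Set of addresses configured on a router's interfaces."""
    return {str(ip.ip_interface(c).ip) for c in ifaces.values()}

def check_plan(pf0, pf1, pf1_gw, pf0_routes):
    """Return the routing problems in a pf0 -> pf1 -> LANs plan."""
    problems = []
    # pf1 can only use a default gateway that sits in one of its own subnets...
    if on_link(pf1, pf1_gw) is None:
        problems.append(f"pf1 gateway {pf1_gw} is not in any pf1 subnet")
    # ...and that gateway has to be pf0, not pf1 itself.
    if pf1_gw not in owned(pf0):
        problems.append(f"pf1 gateway {pf1_gw} is not an address on pf0")
    for name, cidr in pf1.items():
        iface = ip.ip_interface(cidr)
        if on_link(pf0, str(iface.ip)):
            continue  # shared transit link, pf0 reaches it directly
        gw = pf0_routes.get(str(iface.network))
        if gw is None:
            problems.append(f"pf0 has no route to {iface.network} ({name})")
        elif on_link(pf0, gw) is None or gw not in owned(pf1):
            problems.append(f"pf0 route to {iface.network} via {gw} has no reachable next hop")
    return problems

# Addresses from the thread. WAN interfaces are left out because the page
# elides their netmask (255.255.255.24x). /24 is 255.255.255.0.
PF1_LANS = {"LAN0": "192.168.2.1/24", "LAN1": "192.168.3.1/24", "LAN2": "192.168.4.1/24"}
ORIGINAL = dict(pf0={"LAN": "192.168.0.1/24"},
                pf1={"WAN0": "192.168.1.1/24", **PF1_LANS},
                pf1_gw="192.168.1.1", pf0_routes={})
FIXED = dict(pf0={"LAN": "192.168.0.1/24", "DMZ": "192.168.1.1/24"},
             pf1={"WAN0": "192.168.0.2/24", **PF1_LANS},
             pf1_gw="192.168.0.1",
             pf0_routes={"192.168.2.0/24": "192.168.0.2",
                         "192.168.3.0/24": "192.168.0.2",
                         "192.168.4.0/24": "192.168.0.2"})

if __name__ == "__main__":
    for label, plan in (("original", ORIGINAL), ("suggested", FIXED)):
        print(label, check_plan(**plan) or "OK")
```

The check covers reachability only; which traffic is allowed between the DMZ and the LANs is still decided by the firewall rules on each box.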

