• Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login
Netgate Discussion Forum
  • Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login

Setting up vpn on different subnets with SG-1000 and isolated network [SOLVED]

Scheduled Pinned Locked Moved Routing and Multi WAN
8 Posts 4 Posters 4.8k Views
Loading More Posts
  • Oldest to Newest
  • Newest to Oldest
  • Most Votes
Reply
  • Reply as topic
Log in to reply
This topic has been deleted. Only users with topic management privileges can see it.
  • H
    harryjohnsonab
    last edited by Nov 7, 2016, 5:38 PM Oct 31, 2016, 7:23 PM

    Hello!  :)

    I wanted to know if it is possible to apply a VPN connection to a specific subnet or mac address - so the devices always connect using the VPN connection (Private Internet Access VPN).
    This all being controlled by the SG-1000 microFirewall.

    Also, how well do the Ubiquiti UniFi UAP-AC-LR work with PfSense? I want to isolate the wireless network it produces, and hide the default router (SG-1000), so users connected to the wireless network cannot see it.

    Is all this possible? I just wanted to know before i went and bought those two items  ::).

    Please let me know if more details are needed, or if this is posted in the wrong place!

    Thanks!  ;D

    1 Reply Last reply Reply Quote 0
    • K
      KOM
      last edited by Oct 31, 2016, 7:47 PM

      if it is possible to apply a VPN connection to a specific subnet or mac address

      IP address or subnet - yes.  MAC address - no.

      and hide the default router (SG-1000), so users connected to the wireless network cannot see it.

      How do you hide a gateway?

      1 Reply Last reply Reply Quote 0
      • D
        Derelict LAYER 8 Netgate
        last edited by Oct 31, 2016, 10:26 PM

        You would "hide" the router from the wireless clients with the necessary and proper firewall rules, if I am understanding the requirements correctly.

        Chattanooga, Tennessee, USA
        A comprehensive network diagram is worth 10,000 words and 15 conference calls.
        DO NOT set a source address/port in a port forward or firewall rule unless you KNOW you need it!
        Do Not Chat For Help! NO_WAN_EGRESS(TM)

        1 Reply Last reply Reply Quote 0
        • H
          harryjohnsonab
          last edited by Nov 2, 2016, 4:08 PM

          @Derelict:

          You would "hide" the router from the wireless clients with the necessary and proper firewall rules, if I am understanding the requirements correctly.

          That is exactly what i was trying to explain..  :)

          Making it isolated, so they have a different gateway, and cannot view or snoop any information/clients on the other networks.

          Do you know if the Ubiquiti UniFi UAP-AC-LR works well with pfSense?

          Thanks!  :D

          1 Reply Last reply Reply Quote 0
          • D
            Derelict LAYER 8 Netgate
            last edited by Nov 3, 2016, 6:23 AM

            pfSense doesn't care what APs you use, unless they're somehow broken.

            Chattanooga, Tennessee, USA
            A comprehensive network diagram is worth 10,000 words and 15 conference calls.
            DO NOT set a source address/port in a port forward or firewall rule unless you KNOW you need it!
            Do Not Chat For Help! NO_WAN_EGRESS(TM)

            1 Reply Last reply Reply Quote 0
            • L
              luckman212 LAYER 8
              last edited by Nov 5, 2016, 4:30 AM

              Off topic but… have the SG-1000's started shipping??  I ordered a couple and am eagerly awaiting them.  It seems the OP here already has his.

              1 Reply Last reply Reply Quote 0
              • D
                Derelict LAYER 8 Netgate
                last edited by Nov 5, 2016, 6:01 AM

                2.4 is required. It's not in beta yet.

                Chattanooga, Tennessee, USA
                A comprehensive network diagram is worth 10,000 words and 15 conference calls.
                DO NOT set a source address/port in a port forward or firewall rule unless you KNOW you need it!
                Do Not Chat For Help! NO_WAN_EGRESS(TM)

                1 Reply Last reply Reply Quote 0
                • H
                  harryjohnsonab
                  last edited by Nov 7, 2016, 5:37 PM

                  @Derelict:

                  pfSense doesn't care what APs you use, unless they're somehow broken.

                  Alright, gotcha. Thanks a lot for the help!
                  Going to start ordering it all now  ::)

                  1 Reply Last reply Reply Quote 0
                  8 out of 8
                  • First post
                    8/8
                    Last post
                  Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.
                    This community forum collects and processes your personal information.
                    consent.not_received