PfSense noob & multi wan
-
Hi all, I recently built a pfsense box, as i mentioned in the subject I have a multi wan setup, that part of the configuration wasn't a problem.
My current setup is:
WAN 1 is connected to my ISP (its on the 192.168.3.0 range until I find a way to bridge the modem)
WAN 2 is an AP in client mode connected to a free WiFi zone nearby (192.168.5.0 range) its slow as hell, and its main purpose is to serve as backup if everything else fails
WAN 3 is a link to my friend (192.168.0.0) he is my main backup, if my ADSL fails he is on cable so I can fall back to that
LAN is on the 192.168.1.0 range and all my clients are connected to that interface
now there are two things I want, I have a decent movie collection on my computer that is connected to the LAN, I would like to share that with my friend on WAN3 is there a way to set that up?
and it would be prefect if I could somehow set up when my friends internet fails that he can still get access from me.
equipment wise beside the pfsense box, I have a Ubiquity AirGrid5 on my roof, and a TP-Link TL-WA7510N at my friends
suggestions and ideas are very very welcome :)
-
you just need to setup some static routes pointing towards the friends' lan subnet. You friend needs todo the same for your lan subnet.
both lan subnets can't be identical
-
thanks, will try fiddle with static routes :)
-
Ok, the static routes method didn't pan out for me, but im sure I messed up something.
So i went in another direction, I set up a L2TP VPN on WAN3, and when my friend connects to the VPN he gets internet access from me. So I have one part of the problem solved, but i can not get computers on the WAN3 to access computers on the LAN.
Is there a way to set this up just on my side, so I don't have to mess around with my friends modem?
-
Anybody? :)
-
Static routing is the best way to go so perhaps you should debug that. All you need is his network, subnet and WAN IP. Can you describe this WAN3 link you have to him in more detail?
-
Ok, OPT2 or now WAN3 is linked to my friend cable modem/router, he is on the 192.168.0.0 subnet, and I get an address assigned by his modem for WAN3. I get access to his internet connection & I can ping/access devices on his network from my computer (which is connected to the LAN and is on the 192.168.1.0 subnet), he on the other hand cant acces anything on my side.
-
What firewall rules do you have on the OPT3 interface? They don't get any by default, so he won't be able to come into your network unless you allow it.
-
Oh I have changed rules several times :D
This is the current state of affairs :)
-
The first rule is fine but you can fine-tune it later on since it allows all access inbound. For him to get access to your network, his end would have to be aware of it. If his config has no idea about your network then all his traffic is going to go out his default gateway. He needs to add your WAN3 IP as another gateway and then add a static route so that his router knows to send traffic for your network to your WAN3.
-
If I understood you, he has to set two gateways, and the static route has to be set on his router?
-
So I decided to test this out locally. I have a spare router, on which I set a static route, and a PC on the WAN3 which now has two gateways and id dosent work I cant ping anything on the LAN side.
-
Any ideas? What am I doing wrong ???
-
Im open to step by step instructions :D
