4. [SOLVED] 2 pfsenses and static routing

[SOLVED] 2 pfsenses and static routing

  • M

    Hello,

    I just started a new job recently, and they are having me setup a new network. i'm pretty new to pfsense but i have done a ton of googling and more to try to find out a solution for my issue and no luck.

    So, i have an esxi server with two pfsense and each has a lan network on it. my boss asked me to setup that way. i'm open to ideas of how i should do it. i've messed around with vlans but he doesn't want me to mess with the switch unless i'm 100% of what i'm doing and i don't. he said he's done this in the past and used static routing. he's not sure how he did it. i have the two networks completely connected to wan and i just need to connect the two wan. they are both in the same esxi server. i just can't ping back and forth on them. both have different wan addresses as well. i'm not 100% what to do right now. i'll take any suggestions.

    Pfsense1: 10.10.10.1 –--> Servers
    esxi--->
                Pfsense2: 10.20.10.1 ---> Workstations/wireless

    sorry if i posted this on the wrong board as well!

    0
  • V

    I would do that with only one pfSense with two LAN interfaces, but if your boss want to set it up this way…

    Add an additional NIC to each pfSense and a virtual switch in ESXi and connect the new NICs to it. Give them IP addresses in a separate subnet so that they can talk together.
    On each pfSense add the IP of the other box as gateway in System > Routing > Gateways and set a static route for the other LAN directing to this GW.
    Also add firewall rules on both boxes to the new interfaces to allow the traffic.

    It would also be possible to route the traffic over the WAN interfaces, but that's not recommended.

    0
  • LAYER 8 Global Moderator

    Im with viragomann - why are you doing this with 2 pfsense?  1 pfsense vm can have multiple lans and multiple wan connections.  I don't see the point of doing 2??

    0
  • M

    @viragomann:

    I would do that with only one pfSense with two LAN interfaces, but if your boss want to set it up this way…

    Add an additional NIC to each pfSense and a virtual switch in ESXi and connect the new NICs to it. Give them IP addresses in a separate subnet so that they can talk together.
    On each pfSense add the IP of the other box as gateway in System > Routing > Gateways and set a static route for the other LAN directing to this GW.
    Also add firewall rules on both boxes to the new interfaces to allow the traffic.

    It would also be possible to route the traffic over the WAN interfaces, but that's not recommended.

    i'm open the two different lans on one box. i may be able to convince him. is it possible to put 2 wans on one pfsense? i think thats the only draw back that he has from what i gathered.

    0
  • V

    Yes, it is. johnpoz mentioned that above.

    https://doc.pfsense.org/index.php/Multi-WAN

    0
  • M

    my server only has 2 nics, should i just create 3 vnics? and then use 2 on the lan switch for having two lan networks on one? and will i need to do trucking or whatever?

    0
  • M

    nvm got it! thanks for the help :D

    0
Log in to reply
 

Products

Applications

Support

Services

News

Resources

Company

Our Mission

As host of the pfSense open source firewall project, Netgate believes in enhancing network connectivity that maintains both security and privacy. We also believe everyone should be able to afford it.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive for past announcements.

© Copyright 2002 - 2019 Rubicon Communications, LLC | Privacy Policy