Multiple lan routing with router between firewall and internet
-
Hi all,
I have been messing with this for days. Here is what I have.

124.0 lan
120.0 lan >>>>>>>>>>>>>>>cisco 3550 with routing enabled>>>>>>>>>>>>100.0 lan>>>>>>>>>>>>>>>PFsense firewall with tunnel>>>>>>>>static external ip tunnel to other pfsense>>>>>>>>>>55.0 on other pfsense

I can ping and tracert to both ends of the tunnel from anything on the lan interfaces on both sides. However, from the 124.0 and 120.0 subnets behind the cisco 3550 nothing will ping or tracert. It actually seems to be going out to the internet. I feel that there is something simple I am not doing. I have added static routes and such but it still does not work. Does anyone have any ideas?

I have done multiple searches on the forum. The only thing I found said to search the forum, this has been covered before. I cannot find where this has been covered before. It seems to me I am missing a static route or NAT adjustment somewhere. I guess the basic question is how do I route multiple internal lan networks through 1 tunnel and also have them go to the internet (split tunnel). Can anyone help?
-
Hi.
You have to create a phase for each network you want to give access to the tunnel. For example, I have to create a tunnel between these 2 offices:

- Main office:
  DATA VLAN: 192.168.1.0/24
  VOICE VLAN: 192.168.2.0/24
  LAB VLAN: 192.168.3.0/24
- Remote Office:
  REMOTE LAN: 192.168.100.0/24

I want to give access to DATA VLAN & VOICE VLAN only. So I have to create a tunnel (on both pfSense) for this traffic:

- DATA VLAN & REMOTE LAN (192.168.1.0 & 192.168.100.0)
- VOICE VLAN & REMOTE LAN (192.168.2.0 & 192.168.100.0)

With pfSense v1.3, you can do this by adding several phase 2 entries for the same phase 1. I don't know how you can do this with older versions.
Hope this helps.
[EDIT] I've added a screenshot of my configuration.
-
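The selector logic described in the reply above, as an added example that is not part of either post and is not pfSense code. It assumes policy-based IPsec, where only traffic matching a phase 2 local/remote pair enters the tunnel; the function names and host addresses are made up for illustration, and the subnets are the ones from the reply.

```python
import ipaddress

def net(cidr):
    return ipaddress.ip_network(cidr)

# Phase 2 entries as (local subnet, remote subnet), subnets taken from the reply.
MAIN_P2 = [("192.168.1.0/24", "192.168.100.0/24"),    # DATA VLAN  <-> REMOTE LAN
           ("192.168.2.0/24", "192.168.100.0/24")]    # VOICE VLAN <-> REMOTE LAN
REMOTE_P2 = [("192.168.100.0/24", "192.168.1.0/24"),
             ("192.168.100.0/24", "192.168.2.0/24")]

def matching_entry(p2_entries, src, dst):
    """Return the first phase 2 entry whose selectors cover src -> dst, else None."""
    s, d = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    for local, remote in p2_entries:
        if s in net(local) and d in net(remote):
            return (local, remote)
    return None

def path(p2_entries, src, dst):
    """'tunnel' if a selector matches; otherwise the packet follows the
    routing table, which for an unlisted LAN usually means the WAN gateway."""
    return "tunnel" if matching_entry(p2_entries, src, dst) else "default route"

def unmirrored(side_a, side_b):
    """Entries on side_a that have no swapped (remote, local) twin on side_b.
    Both firewalls must agree on the selectors for phase 2 to come up."""
    twins = {(net(l), net(r)) for l, r in side_b}
    return [(l, r) for l, r in side_a if (net(r), net(l)) not in twins]

def audit(p2_entries, flows):
    """Map each (src, dst) flow to the path it would take."""
    return {flow: path(p2_entries, *flow) for flow in flows}

if __name__ == "__main__":
    # Constructed sample hosts, one per VLAN, all talking to the remote LAN.
    flows = [("192.168.1.10", "192.168.100.5"),   # DATA
             ("192.168.2.10", "192.168.100.5"),   # VOICE
             ("192.168.3.10", "192.168.100.5")]   # LAB, deliberately left out
    for flow, result in audit(MAIN_P2, flows).items():
        print(flow, "->", result)
    print("missing on remote side:", unmirrored(MAIN_P2, REMOTE_P2[:1]))
```

A subnet with no phase 2 entry (LAB here, or the routed 120.0 and 124.0 networks in the question) never matches a selector, which is consistent with the traffic heading out to the internet instead of into the tunnel.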