Multiple identical LANs



  • Hi.

    I need to make 32 identical networks for 32 computers in classroom. They need to be able to connect to outside network but don't have to be aware of each other. Something like this:
    WAN - outside ip
    LAN1 - 192.168.1.1/24
    LAN2 - 192.168.1.1/24
    LAN3 - 192.168.1.1/24
    and so on.

    I know I can install 32 pfsenses as VMs and make it work but is it possible with only one pfsense install?

    I'm very new to pfsense so I'm sorry if this is a stupid question..  ::)

    Thanks!



  • If I'm reading your question right, it's impossible.  There's no way pfSense would know where to route incoming traffic.


  • Rebel Alliance Global Moderator

    Yeah why would your lans have to have the same IP.. Doesn't work that way.. Pfsense can not have 32 interfaces with the same networks on them.  It can not have even 2 ;)

    Why can you not do

    lan1 192.168.1/24
    lan2 192.168.2/24
    lan3 192.168.3/24

    lan32 192.168.32/24

    This is how it would be done.  If your only talking about 32 computers.. Why can they not be just on the 1 lan network?



  • Ok, thanks.

    So 32 VM Pfsenses it is then.

    All the computers has to be identical in every way, even their ip address. There is a Siemens PLC with every computer (and other equipment) and we want to overwrite computers disk with fresh disk image every week (so that if student has done some strange configuration changes to it the next person does not need to deal with it). If every computer and PLC has different ip address we have to configure them every single time individually.

    And it is also much simpler to teach with equipment that is identical (even the ip address of the PLC you want them to connect).

    But this helps me a lot. Don't have to try it to know it won't work.  :)



  • @hackky:

    So 32 VM Pfsenses it is then.

    Depending on your switch you might get away with private VLANs/protected ports. The same principle a wireless AP can separate clients even though they reside in the same subnet.

    But why 32 VMs? That's nearly as great as using 32 physical machines.
    What switch(es) do you have on site?



  • @jahonix:

    @hackky:

    So 32 VM Pfsenses it is then.

    Depending on your switch you might get away with private VLANs/protected ports.

    If all those VLANs wind up on a router, the same problem still remains, in that the router has no way to know how to forward incoming traffic.




  • Rebel Alliance Global Moderator

    "If every computer and PLC has different ip address we have to configure them every single time individually."

    Nonsense…  I have been in countless class be it with real hardware and or VMs where yeah the machines are re-imaged between classes or even on the fly if a student messes up.  They sure didn't use the same IPs.

    Students where given their specific IPs to use before class, etc.  This is the whole point of dhcp where you could hand out specific IPs to the devices as they boot up, etc.  If you want your PLCs to be on specific IP and they can not be dhcp.. you could always just but them on a host only network where each host has its own network that is 192.168.x/? with a 2nd nic that way these interfaces could be 192.168.1.1 for PC and .2 for the PLC, etc..

    32 VM copies of pfsense?  On what each machine??  That just seems nuts!!

    How about you give us some more details of the hardware your working with, etc.  And we figure out a better way to do it other than 32 VMs running pfsense just so you can put a nat behind them all using 192.168.x