Help a noob 1st timer get two LAN setups to 'see each other', one is OpenVPN PIA



  • Hi.

    I need some help, and I think the answer is simple, but I'm not very experienced with routing and networking, so I need some noob-friendly help, or pointers to some threads that might help.

    I use an internet anonymizing service (PIA (Private Internet Access) if that helps).  I have 8 PCs (towers and some laptops) in my home, some for work, some for leisure, some just for Netflix, streaming.  I am trying to set up a system so that 1-3 devices stay fully anon (behind the PIA servers) when surfing the internet, but can still share folders / files between the other PCs in my home network (which are not utilizing any anonymizing services at all).

    Following the guides provided by PIA I was able to successfully install pfsense to a single tower PC (1 Realtek NIC (embedded) + 1 4-port HP gigabit NIC (PCI-e slot)) and configure OpenVPN services for PIA access.  Amazingly, I got it up and running, but now I have a problem.

    Here's my situation at the moment.

    My 'work' PCs are all plugged straight into my home router and are using
    192.168.1.xxx
    These do not (nor will ever) use or need to access PIA's services.

    My pfsense Box (which is configured with PIA/OpenVPN (anonymizing traffic)) is configured to use the 192.168.1.xxx gateway, but the LAN address is 192.168.2.xxx

    So here's my problem.

    Any PC on 192.168.1.x
    can't see / share files with any PC on the 192.168.2.x domain.

    Is there a way to get devices on 192.168.1.x  to see the devices on 192.168.2.x ?

    Or am I going about this all wrong?

    Apologies in advance, I'm a noob at this, I'm honestly surprised that I was able to even get my pfsense box set up and working with PIA.

    Everything would be great, except I can no longer share files between the two domains.

    Any (noob friendly) help would be very greatly appreciated.

    edited to add:

    on the box running OpenVPN:

    pfsense:  running 2.3.4-Release-p1 (amd64)
    WAN:  is being assigned a gateway from 192.168.1.xxx
    LAN:  192.168.2.xxx



  • Hi,

    Generally speaking, your pfSense box is placed in between your work (1.x) and other (2.x) networks, and appears to be acting as a firewall/router.

    If you want to continue with a configuration like this, you'll need to do some NAT/Port forwarding AND firewall rules to allow the 1.x network to be able to talk to the specific 2.x network hosts in terms of what ports (i.e.: 443, 80, 22, etc) and protocols (icmp, tcp, udp, etc).

    • You'd then access the pfSense box's WAN address on the 1.x network and define which port you want to access, which translates over to the proper host on the 2.x via NAT/port forward with some configuration on the pfSense box.

    • As a side note, you may be able to disable NAT on the WAN interface (1.x) of the pfSense box and then you'd only need to do firewalling. I have never done this before but seems simple in concept.

    A cleaner configuration would be to have the pfSense box with multiple network adapters (minimum of 3 in your configuration) which segregates these networks using pfSense (but using a single box for LAN1, LAN2, WAN, etc). LAN1 could be the 1.x and LAN2 could be the 2.x. Then you would only need firewalling rules and not also inbound NAT rules/port forwarding. There are some other settings to be applied with outbound NAT, I believe, but the auto-generated outbound NAT should suffice out of the box in this scenario.

    Hope this helps give you some direction on how you want to approach the problem without writing a book.


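The two approaches in the reply above (port forward plus WAN rule, or routing without NAT plus firewall rules only) can be compared with a small model of how a packet arriving on the pfSense WAN interface is handled. This is an added example, not part of the original thread and not pfSense code; it is a simplified model in Python. The addresses 192.168.1.50, 192.168.2.10 and 192.168.1.20 and all function names are assumptions chosen for illustration.

```python
import ipaddress as ip

WAN_NET = ip.ip_network("192.168.1.0/24")    # home-router side (from the thread)
LAN_NET = ip.ip_network("192.168.2.0/24")    # pfSense LAN side (from the thread)
PFSENSE_WAN = ip.ip_address("192.168.1.50")  # assumed pfSense WAN address
FILE_SERVER = ip.ip_address("192.168.2.10")  # assumed SMB file server on the LAN
SMB = 445                                    # TCP port used for Windows file sharing

def wan_inbound(src, dst, port, forwards, rules, block_private=True):
    """Return the LAN host a TCP packet arriving on WAN reaches, or None if dropped."""
    src, dst = ip.ip_address(src), ip.ip_address(dst)
    # The WAN "Block private networks" option drops RFC 1918 sources before anything else.
    if block_private and src.is_private:
        return None
    # NAT runs before filtering: a matching port forward rewrites the destination.
    for fwd_ip, fwd_port, target in forwards:
        if (dst, port) == (fwd_ip, fwd_port):
            dst = target
            break
    # First matching pass rule wins; with no match the WAN default deny applies.
    for rule_src, rule_dst, rule_port in rules:
        if src in rule_src and dst == rule_dst and port == rule_port:
            return dst if dst in LAN_NET else None
    return None

# Option 1 from the reply: port forward on the WAN address plus a WAN pass rule.
FORWARDS = [(PFSENSE_WAN, SMB, FILE_SERVER)]
# The pass rule names the post-NAT (internal) destination and only the 1.x source net.
RULES = [(WAN_NET, FILE_SERVER, SMB)]
# Rule written against the WAN address instead: never matches once NAT has rewritten dst.
RULES_PRE_NAT = [(WAN_NET, PFSENSE_WAN, SMB)]

def scenarios(client="192.168.1.20"):  # client address is constructed
    return {
        "forward, private sources blocked": wan_inbound(client, PFSENSE_WAN, SMB, FORWARDS, RULES),
        "forward, block disabled": wan_inbound(client, PFSENSE_WAN, SMB, FORWARDS, RULES, False),
        "rule on pre-NAT address": wan_inbound(client, PFSENSE_WAN, SMB, FORWARDS, RULES_PRE_NAT, False),
        # Option 2: no NAT; 1.x hosts need a static route to 192.168.2.0/24 via PFSENSE_WAN.
        "routed, firewall only": wan_inbound(client, FILE_SERVER, SMB, [], RULES, False),
        "routed, port not allowed": wan_inbound(client, FILE_SERVER, 22, [], RULES, False),
    }

if __name__ == "__main__":
    for name, reached in scenarios().items():
        print(f"{name:34} -> {reached or 'dropped'}")
```

In both options the pass rule is scoped to the 192.168.1.0/24 source network and a single port, so only the file-sharing service is exposed across the boundary rather than the whole 2.x network.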
