Netgate Discussion Forum

    Masquerading/Separating Separate LANs

      Presler

      Hi guys.

      I came across pfSense 2 years ago, basically being dropped in the deep end to configure and manage several networks in a hotel. At the time, I knew nothing of routing and firewalls, and stumbled upon pfSense while researching software options.

      I have 2 x Intel 1U 6 port devices, Core2Duo/4Gb DDR3 firewalls. Both are currently loaded with pfSense 2.4.1. I have managed to learn through tutorials and the forums how to get most things done, to the point where one of these devices has handled 1132 devices over 3 networks simultaneously with no hassle.

      Now, there are still 2 things I cannot figure out or get to work correctly. Setup is as follows:

      EM0 - WAN
      EM1 - LAN (which also carries all hotel backoffice traffic)
      EM2 - Hotel Rooms Wifi
      EM3 - Hotel Conference venues Wifi
      EM4 - Main Restaurant Wifi

      I have several rules set up, 1 floating to block port 25, Default IPv4/IPv6 per network, user limiters per network etc etc.

      Problem 1. My users on EM1 - LAN have access to several shared network drives. I noticed one day that while connected to EM2 - Hotel Rooms Wifi, users somehow can still access parts of those shares.
      Can anyone point me in the right direction to write rules for each network to be completely hidden/masqed/separate all networks from one another?

      Problem 2. Our main WAN connection has been a 200Mbps connection that was always shared among all networks. So if one network is very busy, it would affect the others bandwidth-wise. Last week we upgraded the 200 to a 500Mbps line. Now, I would like to allocate allowances per network so they don't overrun or affect the other networks. So, for instance:

      EM1 - 60Mbps
      EM2 - 200Mbps
      EM3 - 200Mbps
      EM4 - 40Mbps

      Once again, would someone kindly point me towards the correct tutorial or how-to/wiki to get these allowances configured?

      I apologize if I use a word, abbreviation or phrase incorrectly, English isn't my first language. :)

      Thanking you in advance.

      Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.