Netgate Discussion Forum

    AWS VPC Routing and Positioning.

    Routing and Multi WAN
    • plutocrat

      Hi,
      Hoping this is in a sensible part of the forums … I'm planning to use pfsense as a means to control access to servers in an AWS VPC, and I'm trying to get my head around the general positioning of the device so that it does what I want.

      The setup is like this:

      • VPC 10.1.0.0/16
      • subnet A 10.1.10.0/24
      • subnet B 10.1.20.0/24
      • subnet C 10.1.30.0/24

      I have some developers that are only allowed to access machines in Subnet A. Some only in B, and some in both. Where do I position pfsense to allow me to write those rules, to allow different users access on a per-subnet or per-machine basis?

      I also have an app in another cloud (Azure) which needs to connect to an RDS database over a VPN tunnel. Any hints for that?

      I'm familiar with pfsense and have used it on many occasions in the past. But I'm fairly new to AWS VPCs, so that's where I need the pointers.

      • plutocrat

        OK, so let's try some more specific questions:

        • Should the pfsense instance be in one of those subnets, and I just write routing rules to give it access to the other subnets? Or do I create a fourth subnet (maybe public?) to give it access?
        • Presumably I need to set up an interface in pfsense for each subnet? How do I do that in AWS - I'm a bit lost with their strange way of doing things.
        • How do I limit access to certain subnets / machines on a user-by-user basis? Would I do that in pfsense or in AWS?

        What makes sense here? I'm guessing someone must have struggled with this environment before.

        Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.