Netgate Discussion Forum

    Can't route between subnets

    Routing and Multi WAN
    • hypercoffeedude

      Hey everyone!

      I've been having a hard time getting two subnets talking to each other. I run a pfSense machine as a firewall. I have two interfaces: WAN and LAN. I have my normal everyday devices on 192.168.1.0 and I am trying to set up a second subnet of 192.168.2.0 for all of my network cameras. At some point, the idea is to block the (2.0) subnet from accessing WAN and only allow it to communicate with (1.0). This is due to the cheaper security cams that like to phone home to a cloud service somewhere. All devices on (2.0) will have static IPs.

      I currently have a camera on 192.168.2.100 right now. I cannot ping it from my (1.0) devices.

      So, my question is: What settings need to be changed to allow this to work? It's got me pretty confused.
      • Derelict LAYER 8 Netgate

        Yeah. Use a managed switch and VLANs for that.

        Or a router with two inside (LAN) interfaces.

        Chattanooga, Tennessee, USA
        A comprehensive network diagram is worth 10,000 words and 15 conference calls.
        DO NOT set a source address/port in a port forward or firewall rule unless you KNOW you need it!
        Do Not Chat For Help! NO_WAN_EGRESS(TM)

        • hypercoffeedude

          I can add another physical interface which will show up as OPT1 by default. Would it be possible to accomplish it this way?

          • Derelict LAYER 8 Netgate

            Yes. Number that interface as 192.168.2.1/24, create the necessary firewall rules on that interface, and connect another switch to it.

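An added example, not part of the thread and not pfSense code: a simplified Python model of the policy discussed above (cameras on 192.168.2.0/24 may reach 192.168.1.0/24 but not WAN), useful for checking rule order before entering rules on the new interface. It assumes rules are applied to traffic entering an interface, top-down with first match winning, stateful, and with an implicit default deny; the rule lists, host addresses and the `203.0.113.5` "cloud" address are constructed for illustration.

```python
import ipaddress

LAN = ipaddress.ip_network("192.168.1.0/24")   # everyday devices (from the post)
CAM = ipaddress.ip_network("192.168.2.0/24")   # cameras on the new interface
ANY = ipaddress.ip_network("0.0.0.0/0")

# Simplified model: rules apply to traffic entering an interface, top-down,
# first match wins, no match means block. Rule lists are constructed.
RULES = {
    "LAN":  [("pass", LAN, ANY)],      # the usual "LAN to any" rule
    "OPT1": [("pass", CAM, LAN),       # cameras may talk to LAN hosts
             ("block", CAM, ANY)],     # everything else, including WAN
}

def ingress_if(src):
    """Interface a packet arrives on, judged by its source address."""
    if src in LAN:
        return "LAN"
    return "OPT1" if src in CAM else "WAN"

class Firewall:
    def __init__(self, rules):
        self.rules = rules
        self.states = set()            # (initiator, responder) of passed flows

    def packet(self, src, dst):
        src, dst = ipaddress.ip_address(src), ipaddress.ip_address(dst)
        if (dst, src) in self.states:  # reply to an already-permitted flow
            return "pass"
        for action, s_net, d_net in self.rules.get(ingress_if(src), []):
            if src in s_net and dst in d_net:
                if action == "pass":
                    self.states.add((src, dst))
                return action
        return "block"                 # implicit default deny

def demo():
    fw = Firewall(RULES)
    strict = Firewall({**RULES, "OPT1": [("block", CAM, ANY)]})
    return {
        "lan_to_cam":       fw.packet("192.168.1.10", "192.168.2.100"),
        "cam_to_lan":       fw.packet("192.168.2.100", "192.168.1.20"),
        "cam_to_cloud":     fw.packet("192.168.2.100", "203.0.113.5"),
        "strict_lan_ping":  strict.packet("192.168.1.10", "192.168.2.100"),
        "strict_cam_reply": strict.packet("192.168.2.100", "192.168.1.10"),
        "strict_cam_init":  strict.packet("192.168.2.100", "192.168.1.20"),
    }

if __name__ == "__main__":
    for flow, verdict in demo().items():
        print(f"{flow:17} {verdict}")
```

The `strict` variant shows that LAN-initiated traffic to a camera still gets its replies through state even when the camera interface carries only a block rule, while camera-initiated traffic is dropped.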
            Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.