Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Routing Gb Ethernet

    Scheduled Pinned Locked Moved Official Netgate® Hardware
    3 Posts 3 Posters 888 Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • D
      Dennis100
      last edited by

      Can one set up a PfSense firewall to route one IP's WAN traffic to LAN1 and the other WAN IPs to another LAN?
      EG: IPs assigned from ISP
      13.13.13.1-13.13.13.4

      13.13.13.1 <-> LAN1
      13.13.13.2-13.13.13.4 <-> LAN2

      If so, what model should I get. LAN & WAN ports are all 1Gb and truly support a full 1Gb.

      T 1 Reply Last reply Reply Quote 0
      • T
        TheNarc @Dennis100
        last edited by

        @dennis100 I've never configured more than a simple single LAN, single WAN home setup. However, I would imagine that you would want to do something like:

        • Make the gateway corresponding to the WAN interface with IP 13.13.13.1 your default gateway
        • Make a gateway group out of the WAN interfaces corresponding to the IP addresses 13.13.13.2 through 13.13.13.4
        • Create firewall rules for LAN2 that set the gateway group created in the above step as the gateway for all traffic coming in the LAN2 interface.

        I believe that should pretty much get you to where you want to be, if I understand the question correctly.

        1 Reply Last reply Reply Quote 0
        • johnpozJ
          johnpoz LAYER 8 Global Moderator
          last edited by johnpoz

          No you would not create a gateway group. You would just create VIPs for your other IP, then sure you can have any specific client on 1 network use IP .2 and other clients on that same network or a different network/vlan use .3 as their source IP when they nat to the public internet.

          But that wouldn't be done with gateway groups. If you had multiple interfaces, pfsense will not allow you to put them in the same network, ie this 13.13.13 wan transit network.

          As to what appliance - what budget do you have? The sg-3100 can do gig.. But you might want something a bit more beefy? 4860 (end of sale), 7100? I do believe there are some other models in the works as well that might fit you need/budget.

          A bit more about your network and plans for pfsense - running packages like proxy/ips ? etc..

          An intelligent man is sometimes forced to be drunk to spend time with his fools
          If you get confused: Listen to the Music Play
          Please don't Chat/PM me for help, unless mod related
          SG-4860 24.11 | Lab VMs 2.8, 24.11

          1 Reply Last reply Reply Quote 0
          • First post
            Last post
          Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.