Routing between WAN and LAN?



  • Hello,

    I have a test setup I want to get working before we implement it in our production environment.

    My setup:
    VMware ESXi host; on that host there are:

    Pfsense01 (WAN: 192.168.1.6 (Production) - LAN: 172.10.10.1 - This is the router between our production and test environment.)
    Pfsense02 (WAN: 172.10.10.254 - LAN: 192.168.10.1 - This is the router I want to be able to route between WAN and LAN network)

    I have a DC with DHCP and DNS on the 172.10.10.x network, and I have some clients on the 192.168.10.x network. I want the clients and the DC to talk to each other.

    I can't seem to get this working. I've enabled "Disable all packet filtering" on PFsense02 but I can't seem to get the routing going.

    From the client I can ping the 192.168.10.x network and 172.10.10.254.



  • On pfSense02 you have to remove the check at "Block private networks" in the WAN interface settings, since the WAN net you want to provide access to is a private address range.

    Additionally you have to add a route to the 172.10.10.x network devices for the 192.168.10.x network pointing to 172.10.10.254. You may do this on your DHCP.

    Further you have to add a firewall rule on pfSense02 to the WAN interface to allow the wanted access.
    Assuming you still have the default allow-any rule on the LAN interface in place.



  • I understand this is a test setup, but the first question is... why are you using public IPs on your LAN?

    Then... instead of us making assumptions, provide a network map to show how things are connected, so we can get a better view of your objective.

    Lastly, what is your objective? Why are there two firewalls? Is there a reason 192.168.10.0/24 needs to be behind a 2nd firewall?
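
The routing points raised in the replies above, as an added example that is not part of the original thread: a longest-prefix-match lookup showing where the DC sends replies to the 192.168.10.x clients with and without the static route via 172.10.10.254, plus a check of which of the thread's addresses fall inside the RFC 1918 ranges. The DC's default gateway (172.10.10.1) and the client host address are assumptions, since the thread does not give them.

```python
import ipaddress

# RFC 1918 private ranges.
RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

def is_rfc1918(addr):
    """True if addr lies inside one of the RFC 1918 ranges."""
    ip = ipaddress.ip_address(addr)
    return any(ip in net for net in RFC1918)

def next_hop(routes, dst):
    """Longest-prefix match over (prefix, gateway) pairs; None if no route."""
    ip = ipaddress.ip_address(dst)
    hits = [(ipaddress.ip_network(p), gw) for p, gw in routes
            if ip in ipaddress.ip_network(p)]
    return max(hits, key=lambda h: h[0].prefixlen)[1] if hits else None

# Assumed routing table of the DC: its own subnet plus a default route
# to Pfsense01's LAN address (assumption, not stated in the thread).
DC_ROUTES = [("172.10.10.0/24", "on-link"), ("0.0.0.0/0", "172.10.10.1")]
# The static route the second reply describes (e.g. handed out via DHCP).
STATIC_ROUTE = ("192.168.10.0/24", "172.10.10.254")
CLIENT = "192.168.10.50"  # constructed client address behind Pfsense02

def reply_gateway(with_static_route):
    """Gateway the DC uses when answering the client."""
    routes = DC_ROUTES + ([STATIC_ROUTE] if with_static_route else [])
    return next_hop(routes, CLIENT)

if __name__ == "__main__":
    # Without the static route, replies leave via Pfsense01 and never
    # reach Pfsense02, so the client sees no answer.
    print("reply via (no static route):  ", reply_gateway(False))
    print("reply via (with static route):", reply_gateway(True))
    for addr in ("192.168.1.6", "172.10.10.1", "172.10.10.254", "192.168.10.1"):
        print(f"{addr:15} RFC 1918: {is_rfc1918(addr)}")
```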