Routing between WAN and LAN?
-
Hello,
I have a test setup I want to make working before we implement it in our production enviroment.
My setup:
VMware ESXI host on that host there is:Pfsense01 (WAN: 192.168.1.6 (Production) - LAN: 172.10.10.1 - This is the router between our production and test enviroment.
Pfsense02 (WAN: 172.10.10.254 - LAN: 192.168.10.1 - This is the router I want to be able to route between WAN and LAN network)I have a DC with DHCP, DNS on 172.10.10.x network, and I some clients on 192.168.10.x network, I want the clients and the DC to talk to each other.
I cant seem to get this working, I've enabled "Disable all packet filtering" on PFsense02 but I cant seem to get the routing going.
From the client I can ping the 192.168.10.x network and 172.10.10.254.
-
On pfSense02 you have to remove the check at "Block private networks" in the WAN interface settings, since the WAN net you want to provide access is a private address range.
Additionally you have to add a route to the 172.10.10.x network devices for the 192.168.10.x network pointing to 172.10.10.254. You may do this on your DHCP.
Further you have to add a firewall rule on pfSense02 to the WAN interface to allow the wanted access.
Assuming you still have the default allow-any rule on the LAN interface in place.
-
I understand this is a test setup, but the first question is... why are you using public IP's on your LAN?
Then... instead of us making assumptions, provide a network map to show how are things connected, so we can get a better view of your objective.
Lastly, what is your objective? Why are there two firewalls? Is there a reason 192.168.10.0/24 needs to be behind a 2nd firewall?