Netgate Discussion Forum

    Need some help with PFsense and Edgerouter X routing

      sk8nerd81
      last edited by sk8nerd81

      I'm trying to learn how to do some local network routing, so yes, I'm doing this the hard way. I'm running pfSense as my primary router/firewall, DNS, DHCP, and I'd like to put some VLANs into the mix if I can get the basics running like I want. Currently I have a switch where I have my LAN, but I'd like to turn it into a DMZ zone for some servers and whatever. Then I have an Edgerouter X (ERX) that I'd like to put a user LAN on its own VLAN.

      The problem I'm having is that I can't get the ERX to route correctly. I would rather not run NAT because I'd like to learn some firewall rules to control the traffic and I'd like to run this like a large LAN.

      I can get out to the internet with pfSense and I can ping the eth0 interface on the ERX, but I can't get out from the ERX.

      This is the conf from the ERX:

      interfaces {
          ethernet eth0 {
              address dhcp
              duplex auto
              ip {
                  ospf {
                      network broadcast
                  }
              }
              speed auto
              vif 10 {
                  disable
              }
          }
          ethernet eth1 {
              description Local
              duplex auto
              speed auto
          }
          ethernet eth2 {
              description Local
              duplex auto
              speed auto
          }
          ethernet eth3 {
              description Local
              duplex auto
              speed auto
          }
          ethernet eth4 {
              description Local
              duplex auto
              speed auto
          }
          loopback lo {
          }
          switch switch0 {
              address 192.168.10.34/27
              description Local
              switch-port {
                  interface eth1 {
                  }
                  interface eth2 {
                  }
                  interface eth3 {
                  }
                  interface eth4 {
                  }
              }
          }
      }
      port-forward {
          auto-firewall enable
          hairpin-nat disable
          wan-interface eth0
      }
      protocols {
          ospf {
              area 0 {
                  area-type {
                      normal
                  }
                  network 192.168.10.32/27
                  network 192.168.1.0/24
              }
              parameters {
                  router-id 192.168.1.2
              }
              passive-interface default
              passive-interface-exclude efh0
          }
      }
      service {
          dhcp-server {
              disabled false
              hostfile-update disable
              shared-network-name LAN {
                  authoritative enable
                  subnet 192.168.10.32/27 {
                      default-router 192.168.10.34
                      dns-server 192.168.10.34
                      lease 86400
                      start 192.168.10.37 {
                          stop 192.168.10.62
                      }
                  }
              }
          }
          dns {
              forwarding {
                  cache-size 150
                  listen-on switch0
              }
          }
          gui {
              https-port 443
          }
          nat {
              rule 5010 {
                  description "masquerade for WAN"
                  disable
                  log disable
                  outbound-interface eth0.1
                  protocol all
                  type masquerade
              }
          }
          ssh {
              port 22
              protocol-version v2
          }
      }
      system {
          host-name ubnt
          login {
              user ************ {
                  authentication {
                      encrypted-password ****************
                  }
                  level admin
              }
          }
          ntp {
              server 0.ubnt.pool.ntp.org {
              }
              server 1.ubnt.pool.ntp.org {
              }
              server 2.ubnt.pool.ntp.org {
              }
              server 3.ubnt.pool.ntp.org {
              }
          }
          syslog {
              global {
                  facility all {
                      level notice
                  }
                  facility protocols {
                      level debug
                  }
              }
          }
          time-zone UTC
      }

      Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.