Routing between multiple subnets behind a single LAN interface



  • This is not for production, but rather a lab setup to simulate remote locations that have VPNs set up. I'm playing with some servers and want them to be able to communicate in the lab as if they were on site.

    Is this possible w/ some kind of static routing? I don't know how to set it up. I tried creating Virtual IPs (alias) w/ the default gateway of each location (192.168.0.1/24, 192.168.1.1/24, 10.0.0.1/24).

    Under Firewall -> NAT -> Outbound I did manual outbound and copied the default outbound rule for each subnet to the WAN interface.

    Under Firewall -> Rules -> LAN I created allow each subnet to ALL rules.

    Under System -> Routing I added each virtual IP as a gateway, then in static routes added each subnet to its respective gateway.

    I can't ping the virtual IPs or hosts in other subnets.

    I'm sure I've just done something stupid.



  • Routing is only possible between different interfaces.
    So you may create VLANs with virtual interfaces on the single LAN and put your devices into the VLANs as you need, then you can route between them.



  • Hrmmm, what about pfSense on a VM? I've never played with that. Could I assign multiple interfaces to one physical NIC on ESX or something?



  • So you mean to add multiple interfaces and connect them to a virtual bridge, which the physical NIC is also connected to?
    Maybe that will work as the bridge will spread packets to all connections, but it's dirty.



  • So I just wanted to report back. The original thing I was trying to accomplish on the physical pfSense box actually works. I had accidentally put /32 on my outbound NATs instead of /24. I have 4 subnets all talking to each other and all able to get outbound NAT to WAN behind a single LAN interface using Virtual IPs.
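
The /32-versus-/24 slip from the last post can be caught with a quick offline check. The following is an added example, not part of the thread or of pfSense: it takes the Virtual IP subnets from the first post and a list of outbound NAT source networks (constructed sample values; the function name `audit_outbound_nat` is hypothetical) and reports which subnets a rule covers only partially.

```python
import ipaddress

# Virtual IP aliases from the first post (gateway address / mask of each lab subnet).
VIRTUAL_IPS = ["192.168.0.1/24", "192.168.1.1/24", "10.0.0.1/24"]

# Constructed sample data: outbound NAT source networks as they might be typed,
# two of them with the /32 slip described in the last post.
NAT_SOURCES_TYPO = ["192.168.0.0/24", "192.168.1.0/32", "10.0.0.0/32"]
NAT_SOURCES_FIXED = ["192.168.0.0/24", "192.168.1.0/24", "10.0.0.0/24"]


def audit_outbound_nat(virtual_ips, nat_sources):
    """Map each Virtual IP subnet to (status, offending_rules).

    status is "covered" when some NAT source contains the whole subnet,
    "too-narrow" when rules only match part of it (e.g. /32 instead of /24),
    and "missing" when no rule touches the subnet at all.
    """
    rules = [ipaddress.ip_network(s, strict=False) for s in nat_sources]
    report = {}
    for vip in virtual_ips:
        subnet = ipaddress.ip_interface(vip).network
        same_family = [r for r in rules if r.version == subnet.version]
        if any(subnet.subnet_of(r) for r in same_family):
            report[str(subnet)] = ("covered", [])
            continue
        partial = [str(r) for r in same_family if r.subnet_of(subnet)]
        report[str(subnet)] = ("too-narrow" if partial else "missing", partial)
    return report


if __name__ == "__main__":
    for label, sources in (("typo", NAT_SOURCES_TYPO), ("fixed", NAT_SOURCES_FIXED)):
        print(label)
        for subnet, (status, rules) in audit_outbound_nat(VIRTUAL_IPS, sources).items():
            print(f"  {subnet:<16} {status:<10} {', '.join(rules)}")
```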