Learning PFsense



  • So I've been using PFSense for about 2 months now, and I'm familiar with some aspects of it. Now I am at a crossroads when it comes to configuring PFsense to route between different subnets. My setup is the following:

    ISP Modem/Router
    PFsense #1
    WAN = 99.xxx.xxx.xxx
    LAN = 192.xxx.1.xxx

    PFsense #2
    WAN = 192.168.1.xxx
    LAN = 192.168.2.xxx

    PFsense #1 will be a normal network

    PFsense #2 will be a VPN network

    Each PFsense router has its own dedicated managed switch.

    Question:
    What firewall rules do I need to put in place to allow communication between the two networks?



  • Truthfully, I would turn off NAT on pfsense 2 and run RIP between the two boxes.



  • pfSense2 LAN will automatically be able to talk to pfSense1 LAN. pfSense1 will not be able to talk to pfSense2 LAN. Why do you have 2 instances in a double-NAT config? Why not just create a separate subnet for your VPN traffic?



  • @dawkinsz said in Learning PFsense:

    What firewall rules do I need to put in place to allow communication between the two networks?

    Do it by setting up a static route between your two gateways.

    See the documentation here: https://www.netgate.com/docs/pfsense/routing/static-routes.html

    This is the same scenario as my network where I had a LAN and a VPN. All I did was create a static route from my VPN subnet to my LAN subnet so they know to communicate with each other. (Well, along those lines.) Essentially making devices across two different subnets communicate.

    In short, a subnet is the best solution for this.



  • Thanks for the reply. Would I need to disable the NAT on PFsense 2, since it will be creating the VPN tunnel through PFsense 1 WAN?