Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    AWS-EC2: How to route through pfSense

    Routing and Multi WAN
    ec2 routing gateway amazon
    1
    1
    806
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • M
      Morlock
      last edited by

      Hi everybody,

      I set up the official pfSense EC2 instance with its WAN interface on 10.10.10.4/24, plus Elastic IP. Then I added an adapter with a "private" subnet, 10.10.11.4/24. Everything works so far, with various VPN configurations, internet access from the pfSense etc.

      Now I added a Debian instance in the private network. It got the IP 10.10.11.156/24. I want to route the internet traffic of the Debian VM through the pfSense.

      As it is advised by several forum posts, I modified the Route Table which is associated with the private subnet: 0.0.0.0/0 points to the LAN interface ID of the pfSense.
      An additional route only for my personal WAN IP points to the VPC's Internet Gateway in order to access the Debian machine via SSH.

      I also disabled Source/Destination Checks on the Debian and pfSense LAN interfaces.

      pfSense firewall rules and security groups are configured permissive.

      But I still cannot access the internet from the Debian machine through the pfSense. Only pinging the pfSense LAN IP works - not with the WAN IP (10.10.10.4).

      It is strange that the "ip route" command on the Debian box shows 10.10.11.1/24 as the default gateway. I did not modify the routing on the VM itself in any way.
      Why is the wrong IP pushed to the VM when I correctly select the interface ID? The first 3 host addresses are reserved, so I cannot understand this.

      Thanks!
      Abbys

      1 Reply Last reply Reply Quote 0
      • First post
        Last post