One pfsense LAN net and two subnets, how to?
-
Hi pfsense friends. I'm testing a setup with v2.4.5 with 1 WAN port and 1 LAN port. There are two subnets connected to pfsense's LAN port. See picture attached. Machines in the 10.0.1.0 subnet can ping and get out to the internet all fine. But the pfsense appliance refuses all traffic coming from the 10.0.2.0 subnet to its LAN port. Other devices in both subnets can ping each other no problem. The goal is to have the 10.0.2.0 subnet talk to pfsense and get to the internet. Is this possible? Where to configure? Thank you!!
-
Adding info: pfsense is able to ping devices in the 10.0.2.0 subnet successfully.
-
Have you checked the outbound NAT rules for the subnets?
-
@Cool_Corona Well, no. The second subnet can't get a ping response from the pfsense LAN port. Too early to look at the WAN side, isn't it? I did add a LAN firewall rule to allow any to ping the LAN address, but that made no difference. I guess pfsense doesn't recognize the second subnet as its LAN net. So help still needed.
-
@fgina said in One pfsense LAN net and two subnets, how to?:
and 1 LAN port
In this order:
If possible, go for a 'real' second NIC,
Or, use VLANs - you'll be needing a VLAN-capable switch,
Or, see what https://docs.netgate.com/pfsense/en/latest/book/firewall/virtual-ip-addresses.html can do for you. The last choice might imply some limitations. I never tried/used it.
-
You have 2 different subnets on the same NIC? What's pfSense configured for? You can't have the 2 subnets and expect pfSense to route between them. All you'll do is generate a lot of ICMP redirects. Either get a 2nd NIC or make it just 1 big subnet.
-
Ok, looks like I can't get it done with one LAN port. Was hoping pfsense would allow me to define "LAN net" spanning multiple subnets.
-
@fgina No, you actually can run multiple subnets (networks) on a single physical network port. But, you have to use VLANs and a smart/managed switch.
Jeff
-
@akuma1x Okay, thanks, I will research a bit. The appliance VM is in Azure.