Navigation

    Netgate Discussion Forum
    • Register
    • Login
    • Search
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search

    How do I set up the WAN with a different gateway than the main Hosting Gateway?

    Installation and Upgrades
    3
    9
    120
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • E
      Edhasw last edited by Edhasw

      I just hired a hosting with proxmox, and the company gave me a main IP like this 194.152.28.56 with Gateway 194.152.28.1, this is the IP to access proxmox, but additionally, it gave me 3 Ips more similar to these 58.65.125.64 and 210.36.59.145 and 180.56.58.145.

      And when I configure the WAN, I use one of the additional IPs for example 58.65.125.64 and when Pfsense asks me for the GateWay, I write it the main Gateway, the main IP 194.152.28.1, but Pfsense gives me an error saying that it is not I can use because it is not from the same subnt.

      How can I configure Pfsense with an IP that is different from the main GateWay?

      Thank you very much in advance for the help.

      1 Reply Last reply Reply Quote 0
      • Rico
        Rico LAYER 8 Rebel Alliance last edited by

        In the Gateway Settings Display Advanced > Use non-local gateway

        Use_non-local_gateway.png

        -Rico

        2x Netgate XG-7100 | 11x Netgate SG-5100 | 6x Netgate SG-3100 | 2x Netgate SG-1100

        1 Reply Last reply Reply Quote 1
        • E
          Edhasw last edited by

          Hi @Rico Thank you very much for answering.

          The only place where I find that option is when creating a new Gateway, that option appears under advanced.

          What I understand in that case is that I should put the new Gateway here and give that option ok, am I correct?

          Captura 1.PNG
          Captura-2.PNG
          Captura-3.PNG

          1 Reply Last reply Reply Quote 0
          • Derelict
            Derelict LAYER 8 Netgate last edited by Derelict

            You should not have to.

            If the upstream ARPs for the 58.65.125.64 and 210.36.59.145 and 180.56.58.145 addresses, it will know to send the traffic to the right interface. Just add IP aliases for those on the WAN. No additional gateways needed.

            If they are routed to you, then you can add aliases for them on the WAN or route them any way you like because they will just arrive on the WAN interface addressed to the MAC address of the 194.152.28.56 interface.

            Bottom line is we need to know how those additional addresses are provisioned in order to assist you. The above two scenarios are the most likely ones.

            And Net Masks Matter. Please provide them.

            Chattanooga, Tennessee, USA
            The pfSense Book is free of charge!
            DO NOT set a source port in a port forward or firewall rule unless you KNOW you need it!
            Do Not Chat For Help! NO_WAN_EGRESS(TM)

            Derelict 1 Reply Last reply Reply Quote 1
            • E
              Edhasw last edited by

              Hi @Derelict

              Thanks to help me, but sorry I don't understand you
              I will explain the situation to see if you can help me

              In the hosting I have a Proxmox to mount 3 Virtual machine server, and I got the 3 more IPs from my hosting provider, but the GateWay and main IP are different to the other 3 IPs. the main IPs is only to proxmox and is connected to a one NIC that NIC is the main to get access to internet for all virtual machine.

              I tested a 1 Virtual machine with one of the additional IPs and MAC, and I got access to internet, but when I installed Pfsense I did not get access to internet from Pfsense, I test the option 7 in Pfsense to make pin a google.com and I don't get acess to internet.

              In a banktest of my home computer, I do a install of Pfsense con VirtualBox and all is Ok, of course at home I have DHCP and that is why it works well, but I understand that it should work well with Pfsense if I have Public IP as is the case with my hosting

              Thanks you very much to help me

              1 Reply Last reply Reply Quote 0
              • Derelict
                Derelict LAYER 8 Netgate @Derelict last edited by

                @Derelict said in How do I set up the WAN with a different gateway than the main Hosting Gateway?:

                Bottom line is we need to know how those additional addresses are provisioned in order to assist you.

                Love to help but we are still no closer to having this information.

                What, exactly, did the hosting provider give you regarding the provisioning of these addresses?

                What, exactly, did they give you as instructions for putting them to use?

                Chattanooga, Tennessee, USA
                The pfSense Book is free of charge!
                DO NOT set a source port in a port forward or firewall rule unless you KNOW you need it!
                Do Not Chat For Help! NO_WAN_EGRESS(TM)

                1 Reply Last reply Reply Quote 1
                • E
                  Edhasw last edited by Edhasw

                  @Edhasw said in How do I set up the WAN with a different gateway than the main Hosting Gateway?:

                  58.65.125.64

                  Hi @Derelict

                  In the Hosting, the IPs an MAC is to access a Internet from the Virtual PCs, throu virtual Bridge atached a the Network Interface

                  This is I test with Proxmox and Pfsense but not work, don't get access to internet from Pfsense. When make install, I test the option 7 to do ping a google.com and do not have access to internet

                  Option Install Pfsense.PNG

                  But if I install a only a one Virtual Machine with Centos 8 like this, all is ok, I got it access to internet very well

                  One PC Work good.PNG

                  Thanks for helping me, regards

                  1 Reply Last reply Reply Quote 0
                  • Derelict
                    Derelict LAYER 8 Netgate last edited by Derelict

                    OK -

                    just forget about "additional gateways" for now. They did not specify anything about them.

                    Make IP alias Virtual IP addresses for the three new addresses like this:

                    Firewall > Virtual IPs

                    Add

                    Screen Shot 2020-07-11 at 11.21.13 AM.png

                    Make a 1:1 NAT for each VIP to each internal server:

                    Firewall > NAT, 1:1

                    Add

                    Screen Shot 2020-07-11 at 11.22.26 AM.png

                    Make a firewall rule passing the desired traffic to the INSIDE address of the server (Example for HTTPS TCP/443):

                    Firewall > Rules, WAN

                    Screen Shot 2020-07-11 at 11.27.03 AM.png

                    Chattanooga, Tennessee, USA
                    The pfSense Book is free of charge!
                    DO NOT set a source port in a port forward or firewall rule unless you KNOW you need it!
                    Do Not Chat For Help! NO_WAN_EGRESS(TM)

                    1 Reply Last reply Reply Quote 1
                    • E
                      Edhasw last edited by

                      Hi @Derelict thanks for your help.

                      I will test your recommendation soon, I had a trouble with hosting, the system crashing and I will have to reset and reinstall

                      When I can set all good, I will test your recommendation, and I will to continue with this thread.

                      Thanks you very much

                      1 Reply Last reply Reply Quote 0
                      • First post
                        Last post