Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    How do I set up the WAN with a different gateway than the main Hosting Gateway?

    Scheduled Pinned Locked Moved Problems Installing or Upgrading pfSense Software
    9 Posts 3 Posters 768 Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • E
      Edhasw
      last edited by Edhasw

      I just hired a hosting with proxmox, and the company gave me a main IP like this 194.152.28.56 with Gateway 194.152.28.1, this is the IP to access proxmox, but additionally, it gave me 3 Ips more similar to these 58.65.125.64 and 210.36.59.145 and 180.56.58.145.

      And when I configure the WAN, I use one of the additional IPs for example 58.65.125.64 and when Pfsense asks me for the GateWay, I write it the main Gateway, the main IP 194.152.28.1, but Pfsense gives me an error saying that it is not I can use because it is not from the same subnt.

      How can I configure Pfsense with an IP that is different from the main GateWay?

      Thank you very much in advance for the help.

      1 Reply Last reply Reply Quote 0
      • RicoR
        Rico LAYER 8 Rebel Alliance
        last edited by

        In the Gateway Settings Display Advanced > Use non-local gateway

        Use_non-local_gateway.png

        -Rico

        1 Reply Last reply Reply Quote 1
        • E
          Edhasw
          last edited by

          Hi @Rico Thank you very much for answering.

          The only place where I find that option is when creating a new Gateway, that option appears under advanced.

          What I understand in that case is that I should put the new Gateway here and give that option ok, am I correct?

          Captura 1.PNG
          Captura-2.PNG
          Captura-3.PNG

          1 Reply Last reply Reply Quote 0
          • DerelictD
            Derelict LAYER 8 Netgate
            last edited by Derelict

            You should not have to.

            If the upstream ARPs for the 58.65.125.64 and 210.36.59.145 and 180.56.58.145 addresses, it will know to send the traffic to the right interface. Just add IP aliases for those on the WAN. No additional gateways needed.

            If they are routed to you, then you can add aliases for them on the WAN or route them any way you like because they will just arrive on the WAN interface addressed to the MAC address of the 194.152.28.56 interface.

            Bottom line is we need to know how those additional addresses are provisioned in order to assist you. The above two scenarios are the most likely ones.

            And Net Masks Matter. Please provide them.

            Chattanooga, Tennessee, USA
            A comprehensive network diagram is worth 10,000 words and 15 conference calls.
            DO NOT set a source address/port in a port forward or firewall rule unless you KNOW you need it!
            Do Not Chat For Help! NO_WAN_EGRESS(TM)

            DerelictD 1 Reply Last reply Reply Quote 1
            • E
              Edhasw
              last edited by

              Hi @Derelict

              Thanks to help me, but sorry I don't understand you
              I will explain the situation to see if you can help me

              In the hosting I have a Proxmox to mount 3 Virtual machine server, and I got the 3 more IPs from my hosting provider, but the GateWay and main IP are different to the other 3 IPs. the main IPs is only to proxmox and is connected to a one NIC that NIC is the main to get access to internet for all virtual machine.

              I tested a 1 Virtual machine with one of the additional IPs and MAC, and I got access to internet, but when I installed Pfsense I did not get access to internet from Pfsense, I test the option 7 in Pfsense to make pin a google.com and I don't get acess to internet.

              In a banktest of my home computer, I do a install of Pfsense con VirtualBox and all is Ok, of course at home I have DHCP and that is why it works well, but I understand that it should work well with Pfsense if I have Public IP as is the case with my hosting

              Thanks you very much to help me

              1 Reply Last reply Reply Quote 0
              • DerelictD
                Derelict LAYER 8 Netgate @Derelict
                last edited by

                @Derelict said in How do I set up the WAN with a different gateway than the main Hosting Gateway?:

                Bottom line is we need to know how those additional addresses are provisioned in order to assist you.

                Love to help but we are still no closer to having this information.

                What, exactly, did the hosting provider give you regarding the provisioning of these addresses?

                What, exactly, did they give you as instructions for putting them to use?

                Chattanooga, Tennessee, USA
                A comprehensive network diagram is worth 10,000 words and 15 conference calls.
                DO NOT set a source address/port in a port forward or firewall rule unless you KNOW you need it!
                Do Not Chat For Help! NO_WAN_EGRESS(TM)

                1 Reply Last reply Reply Quote 1
                • E
                  Edhasw
                  last edited by Edhasw

                  @Edhasw said in How do I set up the WAN with a different gateway than the main Hosting Gateway?:

                  58.65.125.64

                  Hi @Derelict

                  In the Hosting, the IPs an MAC is to access a Internet from the Virtual PCs, throu virtual Bridge atached a the Network Interface

                  This is I test with Proxmox and Pfsense but not work, don't get access to internet from Pfsense. When make install, I test the option 7 to do ping a google.com and do not have access to internet

                  Option Install Pfsense.PNG

                  But if I install a only a one Virtual Machine with Centos 8 like this, all is ok, I got it access to internet very well

                  One PC Work good.PNG

                  Thanks for helping me, regards

                  1 Reply Last reply Reply Quote 0
                  • DerelictD
                    Derelict LAYER 8 Netgate
                    last edited by Derelict

                    OK -

                    just forget about "additional gateways" for now. They did not specify anything about them.

                    Make IP alias Virtual IP addresses for the three new addresses like this:

                    Firewall > Virtual IPs

                    Add

                    Screen Shot 2020-07-11 at 11.21.13 AM.png

                    Make a 1:1 NAT for each VIP to each internal server:

                    Firewall > NAT, 1:1

                    Add

                    Screen Shot 2020-07-11 at 11.22.26 AM.png

                    Make a firewall rule passing the desired traffic to the INSIDE address of the server (Example for HTTPS TCP/443):

                    Firewall > Rules, WAN

                    Screen Shot 2020-07-11 at 11.27.03 AM.png

                    Chattanooga, Tennessee, USA
                    A comprehensive network diagram is worth 10,000 words and 15 conference calls.
                    DO NOT set a source address/port in a port forward or firewall rule unless you KNOW you need it!
                    Do Not Chat For Help! NO_WAN_EGRESS(TM)

                    1 Reply Last reply Reply Quote 1
                    • E
                      Edhasw
                      last edited by

                      Hi @Derelict thanks for your help.

                      I will test your recommendation soon, I had a trouble with hosting, the system crashing and I will have to reset and reinstall

                      When I can set all good, I will test your recommendation, and I will to continue with this thread.

                      Thanks you very much

                      1 Reply Last reply Reply Quote 0
                      • First post
                        Last post
                      Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.