Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Dual wan dual lan (lan1 Lan2 and wifi)

    Scheduled Pinned Locked Moved Routing and Multi WAN
    5 Posts 2 Posters 3.4k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • X Offline
      XIII
      last edited by

      I want to set up two wans and 3 lans wan 1 is for lan1 and lan2 (wired and wifi) and wan2 for lan3. wan1 is only for lan1/2 and wan2 is only for lan3. lan3 has access to wan2 only and lan1/2 has access to wan1 only. I have read on the forums and help documentation that its possible for load balancing meaning that wan1 and wan2 are shared among all lans, I need them to be dedicated/seperate, is this possible?

      -Chris Stutzman
      Sys0:2.0.1: AMD Sempron 140 @2.7 1024M RAM 100GHD
      Sys1:2.0.1: Intel P4 @2.66 1024M RAM 40GHD
      freedns.afraid.org - Free DNS dynamic DNS subdomain and domain hosting.
      Check out the pfSense Wiki

      1 Reply Last reply Reply Quote 0
      • C Offline
        clarknova
        last edited by

        You don't need loadbalancing. You need some pass firewall rules thus:

        LAN1
        *  LAN1 net  *  *  *  WAN1

        LAN2
        *  LAN2 net  *  *  *  WAN1

        LAN3
        *  LAN3 net  *  *  *  WAN2

        You don't want a default allow rule on your LAN interfaces. If you want any access from one LAN to another then you will have to create specific rules for that.

        db

        db

        1 Reply Last reply Reply Quote 0
        • X Offline
          XIII
          last edited by

          i was thinking of something like that but thought that since i have never done multiple wans before i would check the forums but most mentioned using load balancing them and that all lans would be able to access all wans.

          what about the special settings that are given to the first wan interface, is there a way to give those to the 2nd wan? (block private/bogon networks etc.)? or should i not worry about this stuff?

          thanks for your help.

          -Chris Stutzman
          Sys0:2.0.1: AMD Sempron 140 @2.7 1024M RAM 100GHD
          Sys1:2.0.1: Intel P4 @2.66 1024M RAM 40GHD
          freedns.afraid.org - Free DNS dynamic DNS subdomain and domain hosting.
          Check out the pfSense Wiki

          1 Reply Last reply Reply Quote 0
          • C Offline
            clarknova
            last edited by

            @XIII:

            most mentioned using load balancing them and that all lans would be able to access all wans.

            Most multiwan setups use load balancing, which makes things a little more complex to set up. In your case it's as simple as setting up pass rules to define what goes where. Anything not explicitly passed will be blocked, and if one WAN fails then the associated LAN will not fail over to another WAN because you haven't allowed it.

            what about the special settings that are given to the first wan interface, is there a way to give those to the 2nd wan? (block private/bogon networks etc.)? or should i not worry about this stuff?

            The answer to that is explained here:
            http://marc.info/?l=pfsense-support&m=124483410623342&w=2

            In short, I wouldn't worry about it too much unless you have specific cause to worry.

            db

            db

            1 Reply Last reply Reply Quote 0
            • X Offline
              XIII
              last edited by

              thanks for your help, sound like 2.0 will support multi wans native cant wait.

              -Chris Stutzman
              Sys0:2.0.1: AMD Sempron 140 @2.7 1024M RAM 100GHD
              Sys1:2.0.1: Intel P4 @2.66 1024M RAM 40GHD
              freedns.afraid.org - Free DNS dynamic DNS subdomain and domain hosting.
              Check out the pfSense Wiki

              1 Reply Last reply Reply Quote 0
              • First post
                Last post
              Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.