Help connecting a second pfsense router From switch to WAN

dax0n

Hello all, i Have a bit of an ODD question.. so i have 2 pfsense DIY router/FW one is connected to my ISp and LAN1 is connected to Switch1 , I want my other router to be like a dev environment so I'm connecting a cable from switch to router2's WAN to make it look like its coming from and ISP but in reality its just a private IP , and then have Lan1 on router2 connected to Switch 2 . Issue im facing is I cannot access internet from device connected in the SW2
so im not sure what im doing wrong .. sorry for the long question

this is the setup right now

Any help on this would be greatly appreciated

Thanks in advance!

stephenw10

10.54.23.87 appears to be outside the Router1 LAN subnet (10.1.1.1/?) unless you have a ridiculously large subnet there like /8.

If the Router2 WAN is static did you configure it's gateway/default route correctly?

Steve

dax0n

@stephenw10 sorry i think i showed this wrong

i have my lan 1 as my internal
Lan2 is DMZ
so that my mistake ill fix this now
Screen

Very sorry about that hope this makes sense

and i have not touched anything regarding routes .. sorry still learning pfsense any video or doc i can check to help me out ?

thank for replying

JKnott

@dax0n

Does the first one have a route to the LAN side of the 2nd?

stephenw10

I doubt it does but that would not stop Router2 LAN clients connecting out.

What would though is in incorrectly configured WAN on Router2. Because it's static you must set 10.54.23.1 as a gateway on WAN.
You have marked the Router2 WAN as /32 but it must be set as /24 otherwise it cannot reach the gateway.
Alternatively you could enable DHCP on LAN2 in Router1 and then just set the Router2 WAN as DHCP.

Or a missing firewall rule on Router1 LAN2.

Steve

JKnott

@stephenw10 said in Help connecting a second pfsense router From switch to WAN:

I doubt it does but that would not stop Router2 LAN clients connecting out.

The return traffic will have to be routed to the 2nd system. If the 1st one doesn't know about that subnet, then it can't route to it.

stephenw10

By default Router2 will outbound NAT the traffic providing a route back. But only if it has the gateway set on WAN correctly.
Using DHCP on the WAN removes a lot of the opportunities to get it wrong.

Steve

dax0n

Hello again, sorry for the late reply
SO what i did was used one of my lan ports on RT1 and setup DHCP
Connected that to the wan port on RT2 and setup gateway .. and now its working .

Thank you for your help.. I learned a bit more :)

stephenw10

Nice.
Yes, easier to get up and running using DHCP and NAT.

At some point in the future you might experiment using static routes to remove the double NAT.

Steve

dax0n

@stephenw10 Oh for sure haha ,, Ill be doing a ton of stuff as i learn more . Love it
Thanks again!