Netgate Discussion Forum

    pfsense and 2nd router on same network each having individual public ip

      richjim

      I am looking to slowly transition our network from a physical router to pfSense running in a Proxmox VM, but am having an issue with port forwarding.

      Current Setup:
      Existing Cisco Router Gateway 192.168.0.1
      WAN ip: publicip1

      pfSense IP 192.168.0.2
      gateway: 192.168.0.1
      WAN ip: publicip2

      When testing the port forward in pfSense using 'Test Port', it works: using the source address LAN to the hostname, it shows successful.

      When trying to connect from the outside and using the pfTop tool, here is what shows up:
      5b93fe82-8e1d-4b6e-a736-22300789b673-image.png
      which looks like it is pointing correctly.

      I am pretty sure it has something to do with my existing gateway, but I am not sure how to get the Cisco and pfSense to work together.

        SteveITS Galactic Empire @richjim

        @richjim said in pfsense and 2nd router on same network each having individual public ip:

        Existing Cisco Router Gateway 192.168.0.1

        That is the Cisco WAN gateway? So the Cisco WAN is a private IP?

        Pre-2.7.2/23.09: Only install packages for your version, or risk breaking it. Select your branch in System/Update/Update Settings.
        When upgrading, allow 10-15 minutes to restart, or more depending on packages and device speed.
        Upvote 👍 helpful posts!

          richjim @SteveITS

          @steveits 192.168.0.1 is the private gateway that currently my internal devices use.

            SteveITS Galactic Empire @richjim

            @richjim It sounds like you are trying to test port forwarding before replacing the router. If the outside connection is:

            Internet -> pfSense -> server

            and the response is

            server -> Cisco -> Internet

            that's not going to work well, if at all. You will need to change the server's gateway to the LAN IP of the pfSense.

            see https://docs.netgate.com/pfsense/en/latest/troubleshooting/asymmetric-routing.html

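The asymmetric path described in the answer above, modeled as an added example that is not part of the original posts: it shows why the outside client never completes the connection when the server replies through the Cisco, and why pointing the server's gateway at pfSense fixes it. The addresses 198.51.100.1 and 198.51.100.2 stand in for publicip1 and publicip2; the server IP 192.168.0.50, the client address and port 443 are constructed, and the Cisco is assumed to source-NAT a reply it holds no state for.

```python
# Added illustration; every address and port below is a constructed placeholder.
from dataclasses import dataclass, replace

@dataclass(frozen=True)
class Packet:
    src: str
    sport: int
    dst: str
    dport: int

class NatRouter:
    """Minimal stateful NAT gateway: port-forwards inbound, source-NATs outbound."""
    def __init__(self, wan_ip, forwards=None):
        self.wan_ip = wan_ip
        self.forwards = forwards or {}  # WAN port -> (LAN ip, LAN port)
        self.states = {}                # (LAN ip, LAN port, remote ip, remote port) -> WAN port

    def inbound(self, pkt):
        """Packet arriving on WAN: apply the port forward and record the state."""
        lan_ip, lan_port = self.forwards[pkt.dport]
        self.states[(lan_ip, lan_port, pkt.src, pkt.sport)] = pkt.dport
        return replace(pkt, dst=lan_ip, dport=lan_port)

    def outbound(self, pkt):
        """Packet leaving the LAN: undo the forward if this router holds the state."""
        key = (pkt.src, pkt.sport, pkt.dst, pkt.dport)
        if key in self.states:
            return replace(pkt, src=self.wan_ip, sport=self.states[key])
        # No state here: modeled as plain source NAT to this router's own WAN IP.
        # (Assumption; a stateful firewall may instead drop the unsolicited reply.)
        return replace(pkt, src=self.wan_ip)

def try_connection(server_gateway):
    """Return (client_accepts_reply, source_ip_the_client_sees)."""
    cisco = NatRouter("198.51.100.1")                                  # stands in for publicip1
    pfsense = NatRouter("198.51.100.2", {443: ("192.168.0.50", 443)})  # stands in for publicip2
    syn = Packet("203.0.113.10", 50000, pfsense.wan_ip, 443)           # outside client
    at_server = pfsense.inbound(syn)
    reply = Packet(at_server.dst, at_server.dport, at_server.src, at_server.sport)
    gateway = {"cisco": cisco, "pfsense": pfsense}[server_gateway]
    on_wire = gateway.outbound(reply)
    # The client only matches a reply coming from the address and port it contacted.
    accepted = (on_wire.src, on_wire.sport) == (syn.dst, syn.dport)
    return accepted, on_wire.src

if __name__ == "__main__":
    for gw in ("cisco", "pfsense"):
        print(gw, try_connection(gw))
```

On a real host, the route the reply will take can be checked before changing anything by looking at the server's default gateway; the model only explains what happens once the reply leaves by the wrong one.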
              richjim @SteveITS

              @steveits Thank you! It looks like you are correct. I changed the gateway on the host machine to the pfSense IP and it connected. I had thought the host would reply back to the source IP.

              Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.