Netgate Discussion Forum

    Routing between 2 internal networks

    • esanchez

      Hi, I have a network configuration that is somehow like this:

      As you see, I have a pfSense on one side (network 172.16.15.x), and a Vyatta on the other side (network 172.16.5.x). I have a default installation on the pfSense side, and some rules that let me access the web interface from the Vyatta side.

      People on network 172.16.15.x can reach all the people on 172.16.5.x, but not vice versa: people on network 172.16.5.x can't reach people on 172.16.15.x.

      Here are my WAN rules:

      Here are my LAN rules:

      In Outbound I have "Automatic outbound NAT rule generation…

      Any help would be appreciated.

      best regards,
      -eduardo s.m.

      • GruensFroeschli

        WAN:
        Destination "WAN address" means exactly that.
        You allow access with your first two rules to the IP of the pfSense. Nothing more.
        If you want to allow access from the first two subnets to the LAN on the pfSense you have to set as destination: "LAN net"
        Also don't forget to set on the Vyatta side a static route for the 172.16.15.x/24 subnet pointing to 172.16.5.5.

        What are your rules 3 and 4 for?

        LAN:
        Basically delete your first 4 rules. They don't do anything.
        The last rule you have allows everything in your LAN to the WAN.

        You also need to make sure you have a static route on the pfSense for the 172.16.3.x/24 pointing to 172.16.5.10.

        We do what we must, because we can.

        Asking questions the smart way: http://www.catb.org/esr/faqs/smart-questions.html
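
The difference between a "WAN address" and a "LAN net" destination, as an added example that is not part of the original posts and is not pfSense code: a small first-match rule evaluator run against both rule sets. The rule lists and host addresses are constructed (the original screenshots are missing); 172.16.5.5 as the pfSense WAN IP and 172.16.15.0/24 as its LAN are taken from the reply above.

```python
import ipaddress

# Assumed addressing from the thread: pfSense WAN IP 172.16.5.5, LAN 172.16.15.0/24.
ALIASES = {
    "WAN address": ipaddress.ip_network("172.16.5.5/32"),  # the firewall's own IP only
    "LAN net": ipaddress.ip_network("172.16.15.0/24"),     # every host behind pfSense
}

def resolve(spec):
    """Turn a GUI-style alias or a CIDR string into an ip_network."""
    return ALIASES[spec] if spec in ALIASES else ipaddress.ip_network(spec)

def evaluate(rules, src, dst):
    """First matching rule wins; traffic that matches no rule is blocked."""
    src_ip, dst_ip = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    for action, rule_src, rule_dst in rules:
        if src_ip in resolve(rule_src) and dst_ip in resolve(rule_dst):
            return action
    return "block"

# Constructed stand-in for the original WAN tab: destination is "WAN address".
WAN_RULES_BEFORE = [
    ("pass", "172.16.5.0/24", "WAN address"),
    ("pass", "172.16.3.0/24", "WAN address"),
]
# Same rules plus "LAN net" destinations for the same sources (web UI access kept).
WAN_RULES_AFTER = WAN_RULES_BEFORE + [
    ("pass", "172.16.5.0/24", "LAN net"),
    ("pass", "172.16.3.0/24", "LAN net"),
]

def report():
    """Verdict (before, after) for a constructed Vyatta-side host 172.16.5.20."""
    cases = [
        ("172.16.5.20", "172.16.5.5"),    # pfSense web interface
        ("172.16.5.20", "172.16.15.30"),  # constructed host on the pfSense LAN
    ]
    return {
        (s, d): (evaluate(WAN_RULES_BEFORE, s, d), evaluate(WAN_RULES_AFTER, s, d))
        for s, d in cases
    }

if __name__ == "__main__":
    for (s, d), (before, after) in report().items():
        print(f"{s} -> {d}: before={before} after={after}")
```

The model covers rule matching only; the static routes mentioned in the reply are still needed for packets to arrive at the firewall and for replies to find their way back.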
