WAN to WAN Routing, I don't know how to do it



  • Hello people,

    I am trying to do WAN-to-WAN routing for my system using pfSense. But I got stuck at the last step, where I should be able to send packets from WAN to LAN.
    Firstly, the network map I have to design is as below: (50.4.30.x IPs are real public WAN IPs, not private IPs)

    internet
    |
    router (ip=50.40.30.1/24)
    |
    firewall (ext ip=50.40.30.2 - /don't know what should be the subnet) (int ip=variable)
    |
    switch
    |
    servers (i.e.: ip=50.40.30.5/24, default gateway is 50.40.30.1)

    What I did was:

    • I created a Proxy-ARP mode VIP on LAN for 50.40.30.1 so that the servers don't have to know the fw's internal IP. I tested it and it seems to be working.
    • Temporarily, I created a FW rule in both LAN and WAN that allows all kinds of traffic from everywhere.

    My problem is:

    • I can send pings/reach from my server (50.40.30.5) to 8.8.8.8 (for example), but I cannot ping/reach my server from an external IP.

    What can be the problem?
    And how should I configure pfsense for this purpose?

    I really appreciate your help.
    Thanks in advance.

    Edit, just to make something sure:
    I am using real public IP addresses for my servers and I want to reach my servers from outside with their real public IPs.



  • You should set your pfSense into bridging mode.

    • Get rid of the VIPs.
    • Don't assign a public IP to the WAN or LAN of the pfSense.
        Just set a private IP so you can manage it.
    • After bridging LAN to WAN, make sure your servers have as default gateway the router 50.40.30.1/24 (the router in front of the pfSense).
    • Create rules on the pfSense allowing traffic from the WAN to your server and from your servers to the internet (if they need internet access).
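
An added example, not part of either post and not pfSense's own code: a simplified Python model of per-interface, first-match filtering with an implicit default deny, comparing the scoped rules suggested in the last step above with the temporary allow-all rule from the question. The external client 203.0.113.10, the extra addresses 50.40.30.9 and 50.40.30.77, and all function names are constructed for illustration; state tracking (which lets replies to permitted flows back through) is not modelled.

```python
from ipaddress import ip_address, ip_network

ANY = ip_network("0.0.0.0/0")
SERVERS = ip_network("50.40.30.5/32")  # the server address given in the thread

# Each rule is (action, source, destination). Rules are checked top-down on
# the interface where the packet enters the bridge; the first match decides.
SCOPED = {
    "WAN": [("pass", ANY, SERVERS)],   # internet -> servers
    "LAN": [("pass", SERVERS, ANY)],   # servers -> internet
}
# The temporary rule from the question: everything allowed on both sides.
ALLOW_ALL = {
    "WAN": [("pass", ANY, ANY)],
    "LAN": [("pass", ANY, ANY)],
}

def evaluate(iface, src, dst, rules=SCOPED):
    """Return 'pass' or 'block' for one packet entering on iface."""
    src, dst = ip_address(src), ip_address(dst)
    for action, rule_src, rule_dst in rules.get(iface, []):
        if src in rule_src and dst in rule_dst:
            return action
    return "block"  # nothing matched: implicit default deny

def audit(flows, rules=SCOPED):
    """Evaluate a list of (iface, src, dst) flows against one rule set."""
    return [(flow, evaluate(*flow, rules)) for flow in flows]

# Constructed test flows.
FLOWS = [
    ("WAN", "203.0.113.10", "50.40.30.5"),  # external client to the server
    ("WAN", "203.0.113.10", "50.40.30.9"),  # external client to an unlisted address
    ("LAN", "50.40.30.5", "8.8.8.8"),       # server to the internet
    ("LAN", "50.40.30.77", "8.8.8.8"),      # unlisted host behind the bridge
]

if __name__ == "__main__":
    for name, rules in (("scoped", SCOPED), ("allow-all", ALLOW_ALL)):
        print(name)
        for (iface, src, dst), verdict in audit(FLOWS, rules):
            print(f"  {iface:3} {src:>13} -> {dst:<11} {verdict}")
```

With the scoped rules only the first and third flows pass; with the allow-all rule every flow passes, which is why that rule should be replaced once connectivity is confirmed.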
