4. Secure LAN behind corporate LAN

Secure LAN behind corporate LAN

  • Q

    Hi everybody!

    I would like to setup a very secure configuration with pfsense. Setup would look like this:

    WAN -> PFSENSE1 -> LAN1 (administration)-> PFSENSE2 -> LAN2(developpers)

    The idea with this concept is to monitor and control people working in LAN2.

    From Pfsense2 I can ping PFsense1, but that's it!

    Any suggestions? What do you need to knowto help?

    Thanks,
    Felix

    0
  • C

    Depends on whether you're NATing on 2, if not, you need a static route on 1 pointing to 2 for the developer subnet

    0
  • Q

    I have a static route on 1 pointing to the sunbnet behind 2. Before NATing anything, I'm just trying to browse the web. From a workstation in the dev subnet, I can ping pfsense1, but if I ping Google, I see that DNS are working (so is nslookup), but I get no response. When I try to browse to google.ca, I receive a 118 error, connection timeout…

    0
  • C

    The default LAN rule only allows the LAN subnet, you'll have to open that.

    0
Log in to reply
 

Products

Services

Support

News

Resources

Company

Our Mission

We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive for past announcements.

© Copyright 2002 - 2019 Rubicon Communications, LLC | Privacy Policy