Multi WAN and Multi LAN Routing issues

  • I work for a Research Computing lab at a university. I am trying to implement a dual pfsense system for backup purposes. Our system is unique in which we have a dual wan connection. One directly from the campus and one from the State. We also have a class C public network all to our selves.

    On our internal side we run our Class C public network and an internal 10 network. Our Class C was split into 2 subnets with We used to have 2 firewalls to manage both connections and NATed our 10 network off of only one of them. We are trying to unsplit them from our internal so machines on our public IP's can talk to each other without going through our firewall.

    On the campus side and State side networks they have it split though so the upperhalf IP's go through our campus connection and the lower half IP's go through our state connection.

    My problem is that with pfsense 2.0 beta4 I can't get connections to come into our network from both halves at the same time. All outgoing connections work great and only incoming connections work on one half or the other depending which gateway is set as the default. I have a WAN group set and all incoming ports needed open on that, and on the internal LAN interface I have the rules set for the servers and the gateways pointing to their proper gateway they should be coming in from. The servers have static IP's set for our public IP's on their perspective interface. Not doing 1:1 NAT.

    If we add a static route to our home IP's then from outside of our schools network we can connect to the IP's on the half that isn't working for anyone else. Basically all incoming connections from outside our network is only working on the default gateway and not the second one. I have a drawing depicting our network layout.

    Any help is greatly appreciated.

  • The size of the attachment network.jpg is reported as 0.01kB. It is unlikely a .jpg file that long will contain any significant information.

  • OK, I got it updated with the correct image file now.

Log in to reply