WAN –>PfSense --> 2 vlan



  • I got PfSense 2.0RC3, three NIC, one from my ISP (WAN Rl0), one lan re0  static ip 192.168.0.1/24. The last NIC ale0 got 192.168.1.1/24 as static ip. Both are in the same subnet, 255.255.255.0. In the firewall i added a rule on the ale0 card so the internet works.  I now want the computers on re0 and ale0 to see each other. I got one server on 192.168.0.* witch the computers on 192.168.1.* needs to reach.

    –>LAN1 192.168.0.1
    ISP -->PfSense
                          -->LAN2 192.168.1.1

    Is that possible? Do I have to add a new rule in the firewall? Any settings in DHCP?
    Sorry for my english



  • you need to add a rule on LAN and OPT1 to allow traffic from LAN –> OPT1 and from OPT1 --> LAN

    no special settings are required for dhcp. If you want pfsense to hand out address' then you just need to fill in the start and end address'



  • DHCP is activated on both cards, 192.168.0./24 on LAN and 192.168.1./24 on the other.

    Rule on LAN
    Source: LAN subnet Destination: OPT1 subnet

    Rule on OPT1
    Source: OPT1 Subnet Destination: LAN Subnet

    Ports and protocoll is set to any.
    This doesent work, or shoult I have some other settings?



  • that should work ….

    you can't ping any address' ??

    you are sure clients on both ends have the correct gateway filled in ?

    check firewall logs for any blocks that are relevant



  • timeout when Im trying to ping :-
    The log only shows wan, nothing from lan. Any setting for this? I used Status–>system logs-->Firewall

    Gateway on LAN is 192.168.0.1
    Gateway on OPT1 is 192.168.1.1

    The same adress as the interfaces have. Should they have the same gateway?



  • that should be all okay …

    provide some screenshot's of your firewall rules / interface pages so we can figure out what is wrong



  • It work now! It was the windows firewall on the computers with windows7. The server with w2003 and the xp machine worked, i tested on them and then the light went up, its windows again;) Thanks for all the help!:D


Log in to reply