Help - rules,routing for 2 Lan setup.



  • Hi there, I have a 2 LAN network in our school, Admin (10.75.29.0) and curriculum (10.44.0.0) I ould like the admin network to be able to access shares and printers on the curriculum side. but not curriculum to admin.

    I'm using PFsence 2.0 RC3, we dont need internet routing since both networks have thier own gateway, all we need it is to act as a bridge between the 2 networks.

    What basic rules would i need to configure for this ?

    Kind Regards

    Paul S



  • ad allowing rule to admin network nic, nothing else should be added



  • How do clients in your admin network know how to reach curriculum?
    Are the gateways within this pfSense system (gateway & bridge on same IP), did you add static routes if the gateway is on another IP, …?



  • hi thanks for your reply. were not too wirred about the gateways snice the admin and curriculum network have their own DHCP server which dishes out the correct gateway.

    I just really need to know if it's a firewall rule issues or routing issue, or both.

    Kind Regards

    Paul S

    Posted by: Metu69salemi 
    Insert Quote
    ad allowing rule to admin network nic, nothing else should be added

    I have added the rule but this still doesnt allow access to ping's or standard server shares from the admin network to the curriculum network. any other ideas ?

    Kind Regards
    Paul S



  • By reviewing rules and logs you could find out the answer. can send use the logs and screenshots



  • @cygnes:

    I just really need to know if it's a firewall rule issues or routing issue, or both.

    You didn't answer the routing question and now you look at the second step first.
    How do clients from the admin network now where to send traffic to the other network?

    From your post I assume the pfSense bridge is a separate box, right?
    The clients need to have this IP in their routing tables to get traffic there. Otherwise everything not on their subnet will be (has to be) routed out through the default gateway.

    Maybe the gateways are connected and know where to send this traffic but you didn't tell us yet.



  • Hi, sorry for the delay, i've added an image of how we our network is at the moment.


Locked