<![CDATA[Dual WAN & Dual LAN with 3 ports]]>I have 2 internet connections (10mbit and 1mbit) currently connected to my pfsense box.

I need 2 internal zones. LAN and DMZ, but I only have one available port on the pfsense box.

I need 1 WAN IP pointing to my small business server hosting remote web workplace and email in the LAN.
I need 1 WAN IP pointing to my web server in the DMZ.

I would prefer both LAN & DMZ to use the faster 10mbit connections gateway, except for the small business server which will use the 1mbit gateway.

My pfsense box has 3 ethernet ports. I have both WAN's plugged into the pfsense box, leaving one port for my internal network.

In order to add a DMZ with my current setup I would need to use VLAN's, but I have read that is not very secure because the LAN and DMZ would both be connected to the same managed switch.

Can I use the managed switch & vlans to combine the two WAN's before reaching pfsense and still retain the ability to use the 3 static WAN IP addresses?

I have an additional 3 ethernet port pfsense box in storage. Could I connect 2 physical WAN's to first pfsense box and one LAN connection to second pfsense box, and then use 2nd pfsense boxes remaining two ports for LAN & DMZ?

My available hardware
1x managed switch gs105e (5-ports)
2x pfsense boxes (3 ports each)
1x Cisco Pix 501 (most basic model, only allows 1 subnet)

Any tips would be greatly appreciated.

]]>https://forum.netgate.com/topic/36830/dual-wan-dual-lan-with-3-portsRSS for NodeSun, 07 Jun 2026 18:00:25 GMTWed, 31 Aug 2011 15:07:13 GMT60<![CDATA[Reply to Dual WAN & Dual LAN with 3 ports on Thu, 01 Sep 2011 13:53:50 GMT]]>I'm still a bit confused. I took the network example from the 1.2 docs and adjusted it a bit.

The red box is my small business server, it does smtp, remote web workplace and outlook web access.

The blue box is what I would like to use the connection #1 which is the faster connection.

I think I can figure out that much between the 1.2 and 2.0 docs. My question is, what goes in the green circle? Just a regular unmanaged switch and then I add another firewall before the dmz zone?

The second image is what I was thinking originally. Would this setup work?

I'm not even worried about failover or load balancing right now, I just need to get this DMZ sorted.

dmz.jpg
dmz.jpg_thumb
dmz1.jpg
dmz1.jpg_thumb

]]>https://forum.netgate.com/post/294087https://forum.netgate.com/post/294087Thu, 01 Sep 2011 13:53:50 GMT<![CDATA[Reply to Dual WAN & Dual LAN with 3 ports on Wed, 31 Aug 2011 20:14:02 GMT]]>There is a guide specific to 2.0 on the wiki.

http://doc.pfsense.org/index.php/Multi-WAN_2.0

]]>https://forum.netgate.com/post/293969https://forum.netgate.com/post/293969Wed, 31 Aug 2011 20:14:02 GMT<![CDATA[Reply to Dual WAN & Dual LAN with 3 ports on Wed, 31 Aug 2011 17:49:50 GMT]]>I think this document:
http://doc.pfsense.org/index.php/Multi-WAN_Version_1.2.x

Is kind of in the right direction for what I need. I just need to comprehend it. I'm on 2.0 as well, hopefully they are close to the same.

]]>https://forum.netgate.com/post/293930https://forum.netgate.com/post/293930Wed, 31 Aug 2011 17:49:50 GMT<![CDATA[Reply to Dual WAN & Dual LAN with 3 ports on Wed, 31 Aug 2011 16:00:48 GMT]]>How would I go about assigning the external static WAN IP through 2 pfsense boxes?

]]>https://forum.netgate.com/post/293886https://forum.netgate.com/post/293886Wed, 31 Aug 2011 16:00:48 GMT<![CDATA[Reply to Dual WAN & Dual LAN with 3 ports on Wed, 31 Aug 2011 15:28:53 GMT]]>@philpot:

I have an additional 3 ethernet port pfsense box in storage. Could I connect 2 physical WAN's to first pfsense box and one LAN connection to second pfsense box, and then use 2nd pfsense boxes remaining two ports for LAN & DMZ?

Yes you could, that would be best.
If you use a switch to combine the 2 WAN using VLAN, then you'd be exposing yourself to the same risks as a VLAN from behind PFSense (afaik, then again i'm not top notch)

]]>https://forum.netgate.com/post/293885https://forum.netgate.com/post/293885Wed, 31 Aug 2011 15:28:53 GMT