Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Dual firewall setup Pfsense 2.0 and Netscreen 5GT

    Scheduled Pinned Locked Moved Problems Installing or Upgrading pfSense Software
    5 Posts 3 Posters 3.0k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • C
      cmpufxr
      last edited by

      I am trying to setup a dual firewall with      internet –--- pfsense------ dmz---------netsceen-------inside

      unfortunatly I have only limited networking experiance... if someone could explain or send me to some documentation that will get me going?

      I was planning on setting it up this way

      internet -------pfsense(10.1.10.1)----dmz(static 10.1.10.3 - 10.1.10.200)-----(10.1.10.2)netscreen(192.168.1.1)-----inside(dhcp 192.168.1.2-192.168.1.200)

      my current network is on the 192.168.1.x and I am running my own dhcp and dns services.

      1 Reply Last reply Reply Quote 0
      • J
        jasonlitka
        last edited by

        Double NAT is generally considered to be a bad idea.

        I can break anything.

        1 Reply Last reply Reply Quote 0
        • C
          cmpufxr
          last edited by

          Yeah…I know and I am the first to say that I am not a network guy... thats why I am attempting to set this up so that I can learn more about networking. If anyone has a better idea on how to set this up I am all ears.

          I could setup the netscreen to route only?

          1 Reply Last reply Reply Quote 0
          • P
            podilarius
            last edited by

            probably

            / –-- netscreen ---- private LAN
            internet -
                        \ ---- pfsense ------ DMZ

            Have them inline. Networks on each side MUST be different though.

            The way you have listed will work, but you would be triple natted and that can cause problems. Though it might even work, I just don't think you want that kind of fun yet.

            If you are new to networking, perhaps start with simple| Internet ---> pfSense ---> LAN (with servers and clients mixed) ... once comfortable with that then start with a single server in a DMZ network that is another NIC on the pfSense machine.

            1 Reply Last reply Reply Quote 0
            • C
              cmpufxr
              last edited by

              I already have it  internet–->pfsense----->lan

              I was just looking at doing the dual firewall like a corporation would have it.

              internet---->firewall---->DMZ----->firewall------->LAN

              1 Reply Last reply Reply Quote 0
              • First post
                Last post
              Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.