2WANs on 2PC-s



  • We have 2pfsense PC's and each one has its own WAN.
    Static routing is engaged, how can I enable access to wan1 on pfsense1 for someone on pfsense2?
    Becouse it's forcing him to wan2, and I wan't him to redirect to wan1.



  • @zbuzanic:

    Becouse it's forcing him to wan2, and I wan't him to redirect to wan1.

    I'm not sure if i got you right… I assume your LANs NATed?
    If so, the easiest way would be to allow WAN2-IP on WAN1 incoming:

    Proto  	Source   Port   Destination  	    Port     Gateway  	Description  	
    TCP 	WAN2 	* 	WAN1 address 	443 (HTTPS) 	*        pfsense2 -> pfsense1 
    

    So, anyone from LAN2 would be able to connect to WAN1. As you password-protected your GUI on WAN1, that is no big risc at all.



  • There are a number of ways you could have this setup. Let us have a network diagram.



  • No LAN is not in NAT.
    Here it is:

    So, RED needs to get out on WAN1. How?  ???

    Thanks for any help, I'm kind a newb in all this.

    Routes on yellow:
    BBPOJWIR2  10.111.2.0/24  10.111.12.2       
    BBPOJWIR2 10.111.20.0/24 10.111.12.2

    Routes on red:
    BBPOJWIR2  10.111.0.0/24  10.111.12.1       
    BBPOJWIR2 10.111.1.0/24 10.111.12.1

    And all the people from 10.111.2.x have the same IP adress 10.111.12.2 on our local IRC. Why is that?



  • @zbuzanic:

    We have 2pfsense PC's and each one has its own WAN.
    Static routing is engaged, how can I enable access to wan1 on pfsense1 for someone on pfsense2?
    Becouse it's forcing him to wan2, and I wan't him to redirect to wan1.

    Maybe I dont understand your diagram, but you might want to try policy based routing.i.e.:

    If you want to route traffic for 200.20.20.0/24 from the RED firewalls LAN to WAN1 on the YELLOW firewall. Make the first LAN firewall rule
    source    destination            gateway
    *            200.20.20.0/24      OPT    (assuming OPT is the interface connected to YELLOW)

    Then on YELLOW you need to allow the from RED traffic through.


Log in to reply