Netgate Discussion Forum

    One Wan and Multiple LAN - Gateway IP

    General pfSense Questions
      mnsmani

      I have two LANs and one WAN configured. In the second LAN configuration, it clearly states that a gateway IP is not required if there are not multiple WANs configured. If I configure a gateway IP, then nothing works.

      Now my requirement is that LAN1 does not trust LAN2 and LAN2 does not trust LAN1. In these circumstances, I do not wish to have the traffic mix up... If I need to specify a separate gateway for every LAN I define with one WAN... what should I do?

      Help please.....

        hoba

        Entering a gateway at an interface will add NAT to it by default (unless you enable advanced outbound NAT). Don't set a gateway at any of your LANs for the pfSense interface config. You only need firewall rules to prevent the LANs from talking to each other. A rule like this should do the trick:

        At firewall>rules, LAN-tab: pass protocol any, source LAN-subnet, destination NOT LAN2-subnet, gateway default

        At firewall>rules, LAN2-tab: pass protocol any, source LAN2-subnet, destination NOT LAN-subnet, gateway default

        Now both LANs can get out to the internet but not to each other.

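The rule logic from the answer above, modelled as an added example that is not part of the original posts and is not pfSense code. It goes one step beyond the thread by auditing what happens if a third internal interface is added later. The subnets, the `OPT1` interface and the `decide`/`audit` helpers are assumptions made for illustration, and only new connections arriving on an interface are modelled.

```python
import ipaddress as ip

# Constructed addressing (assumption, not taken from the thread).
LAN = ip.ip_network("192.168.1.0/24")
LAN2 = ip.ip_network("192.168.2.0/24")
OPT1 = ip.ip_network("192.168.3.0/24")   # hypothetical third LAN added later

# One pass rule per interface tab, as in the answer:
# (source subnet, subnet the destination must NOT be in).
RULES = {
    "LAN": [(LAN, LAN2)],
    "LAN2": [(LAN2, LAN)],
}

def decide(iface, src, dst, rules=RULES):
    """First matching pass rule on the ingress tab wins; no match = default deny."""
    s, d = ip.ip_address(src), ip.ip_address(dst)
    for src_net, not_dst_net in rules.get(iface, []):
        if s in src_net and d not in not_dst_net:
            return "pass"
    return "block"

def audit(rules, internal):
    """Return (ingress iface, reachable internal net) pairs the rules allow."""
    leaks = []
    for iface, net in internal.items():
        for other, other_net in internal.items():
            if other == iface:
                continue
            # Probe with the first usable address of each subnet.
            if decide(iface, str(net[1]), str(other_net[1]), rules) == "pass":
                leaks.append((iface, other))
    return leaks

if __name__ == "__main__":
    # 203.0.113.5 is a documentation address standing in for an internet host.
    for iface, src, dst in [("LAN", "192.168.1.10", "203.0.113.5"),
                            ("LAN", "192.168.1.10", "192.168.2.10"),
                            ("LAN2", "192.168.2.10", "192.168.1.10")]:
        print(iface, src, "->", dst, decide(iface, src, dst))
    print("two LANs:", audit(RULES, {"LAN": LAN, "LAN2": LAN2}))
    # "NOT LAN2-subnet" excludes only LAN2, so a new internal net is reachable.
    print("with OPT1:", audit(RULES, {"LAN": LAN, "LAN2": LAN2, "OPT1": OPT1}))
```

With a third internal network, each inverted-match rule needs that subnet excluded as well (for example through an alias covering all internal subnets), otherwise LAN and LAN2 can both open connections into it.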
        Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.