Netgate Discussion Forum
    Setup Configuration

    • iMatrix

      I am having a bit of a challenge and I was wondering if I could get a few hints where to look. What we have is a network for a test network.

      The setup is we have a line running from the corporate network into our server. Our server has 3 network cards in it: RE0 = WAN (172.16.2.135 static DHCP), RL0 = LAN (I named it ServerNet), RL1 = Opt1 (I named it LABNet1). The WAN is DHCP set up from the main network. The other two I configured their IPs to be 10.0.1.1 (ServerNet) and 10.0.2.1 (LabNet1). I want to run DHCP so I have it set to do 10.0.1.1/24 and 10.0.2.1/24.

      The problem is I can't get LabNet or ServerNet to connect to the internet at all. I am really lost as to why I can't get them connected at all. I tried to set up the NAT and then I could get connected to the internet but none of the rules appear to be working. I need the ServerNet and LabNet to see each other. But I want to set up rules (like use a proxy) on the LabNet but not on the ServerNet. Help?

      • podilarius

        Most likely it is the WAN option to block private IPs, though there are other possibilities as well. What have you done to the box so far?

        • iMatrix

          Thank you for your reply.

          I have removed the option in the past to block all of the private IPs and the bogons. I have toyed with various firewall rules to allow all traffic outside.

          I configured the gateways to point to the main IP for each of the interfaces. I tried to set up a static route for everything to get to the gateway of the corporate network (172.16.2.1) and am still not getting anything. Eventually I set up another test box and configured just the WAN and LAN interfaces. I set up the outbound NAT and in it I configured everything to be any for protocol, source, destination, and for the translation I set the address to be the "Interface address". This will get me on the internet. However, I am wondering if I am doing this right.

          I assume I have to set NAT.  Does this mean that I won't be able to see the 10.0.1.1 network from the 10.0.2.1 network?  What about the firewall rules and setting up the proxy server on the 10.0.2.1 network?

          Again I am extremely grateful for the help.

          • podilarius

            It is better to get each network segment working to the internet, then you can work on getting them to talk to each other. Basically it is rules and a lack of NAT for each network to talk to each other. Without knowing what rules you have set, what NAT you have set, and the packages you have installed, it becomes a guessing game for us. LAN is going to have a default allow rule, but any OPT interfaces will not. If you have not created a rule there, then OPT interfaces will not have internet or any access.

            1 Reply Last reply Reply Quote 0
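Added example, not part of the thread and not pfSense code: a simplified Python model of the behaviour described in the last reply, where rules are checked on the interface a packet arrives on, LAN starts with an allow rule, OPT1 starts with none, and outbound NAT applies only to traffic leaving via WAN. The /24 networks and the WAN address come from the thread; the host addresses, the destination 203.0.113.10 and the assumption that outbound NAT translates to the WAN interface address are constructed for illustration.

```python
# Simplified model of per-interface filtering and outbound NAT (added example,
# not pfSense code). Interface names and networks are taken from the thread;
# host addresses and the internet destination are constructed.
from ipaddress import ip_address, ip_network

NETS = {"ServerNet": ip_network("10.0.1.0/24"),   # LAN  (rl0)
        "LABNet1": ip_network("10.0.2.0/24")}     # OPT1 (rl1)
WAN_ADDR = ip_address("172.16.2.135")             # WAN  (re0)

def default_rules():
    """LAN ships with an allow-any rule; OPT interfaces ship with none."""
    return {"ServerNet": [("pass", "any")], "LABNet1": []}

def egress_for(dst):
    """Directly connected networks are reached locally; everything else via WAN."""
    for name, net in NETS.items():
        if dst in net:
            return name
    return "WAN"

def evaluate(rules, in_if, src, dst):
    """Return (action, source address as seen by the destination)."""
    src, dst = ip_address(src), ip_address(dst)
    action = "block"                      # implicit default deny
    for act, target in rules[in_if]:      # first match wins on the ingress interface
        if target == "any" or dst in ip_network(target):
            action = act
            break
    if action != "pass":
        return "block", None
    # Outbound NAT rewrites the source only when the packet leaves via WAN,
    # so traffic between ServerNet and LABNet1 keeps its original address.
    seen = WAN_ADDR if egress_for(dst) == "WAN" else src
    return "pass", str(seen)

def demo():
    rules = default_rules()
    out = {"lan_inet": evaluate(rules, "ServerNet", "10.0.1.50", "203.0.113.10"),
           "lab_inet_before": evaluate(rules, "LABNet1", "10.0.2.50", "203.0.113.10")}
    rules["LABNet1"].append(("pass", "any"))   # rule the admin adds on OPT1
    out["lab_inet_after"] = evaluate(rules, "LABNet1", "10.0.2.50", "203.0.113.10")
    out["lab_to_server"] = evaluate(rules, "LABNet1", "10.0.2.50", "10.0.1.10")
    return out

if __name__ == "__main__":
    for name, result in demo().items():
        print(f"{name:16} {result}")
```

A narrower rule than `("pass", "any")` on LABNet1, for example one whose target is `10.0.1.0/24`, lets the lab reach ServerNet while internet-bound lab traffic still falls through to the implicit deny.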