Multi Wan with 2 separate Firewalls



  • I need help with the following setup with pfSense.

    FW1---------------------------
    Public Ip ----> WAN -----> LAN |------> Family Internet

    |
    FW2-----------------------------------
    Public Ip ----> WAN -----> LAN -----> LAB ACCESS  --------->  server1 = FW1 Public Ip Address
                                                                            --------->  Server2 = FW2 Public Ip Address
    -------------------------------------- 
    After breaking the family internet too many times to mention, I decided on the above layout, where in theory FW1 won't need to be touched once completed and any changes to my lab will only need changes to FW2. I have some port forwarding rules on FW1 that forward to the FW2 LAN and then on to SERVER1, which I can see are being received via Wireshark on server1. My issue seems to be to get the server responses to come back the way they came, i.e.: out the FW2 LAN -----> FW1 LAN -------> FW1 WAN -------> internet. My gut feeling is they're all being sent out the FW2 WAN instead.

    Any help would be most appreciated.

    Regards

    Bigbluto



  • You state you want to separate the networks so you don't break the family Internet, but the LAN is shared between both firewalls. Since both firewalls get a public IP, why not keep them separate? (Same ports being used by both servers?)

    Depending on your setup, to force server1 to respond to requests through FW1, set a static route on server1 to use FW1 as its gateway.

    Which firewall is the:
    DHCP
    gateway
    DNS

    for the servers?

