Suggestions for multiwan with a natted router
-
Hi all,
in our environment we have a pfsense machine running multiwans and a LAN card on 192.168.1.0/24. Now we have a backup ADSL router that provides both DHCP and NAT (and cannot be configured) on the 192.168.1.0/24 network. We'd like to use it as another WAN of our firewall, just for backups or policy routing. The problem is the addresses clashing and the DHCP server (our firewall also does DHCP).
My idea is to connect a card of the pfsense box directly to the router, leaving it on DHCP, so that the router will give it an address in the range 192.168.1.0/24 (of course checking it is different from my LAN address). Since the firewall is the only thing connected to the router the latter's DHCP server will not compromise my hosts. However I don't know how pfsense will react to a policy routing based on such network interface, that is if it can perform policy routing on another "LAN like" interface. Moreover, isn't this triggering an asymmetric routing (that is not going to work because no host can reach the router except the firewall)?
Any chance this can work?
Any suggestion about how to use such router?
And please note that managed switches are not an option.
-
You will almost certainly have to change your LAN IP to get this to work. Otherwise the /24 subnet will include devices on both sides of the pfSense box, which will break routing.
Steve
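Why the overlap described in the reply above breaks routing, as an added example that is not part of the original thread: with the same /24 on the LAN and on the WAN facing the ADSL router, a destination matches two connected networks equally well. The interface names and host addresses below are constructed assumptions.

```python
import ipaddress

# Constructed interface table: the LAN from the post, plus the proposed
# DHCP-addressed WAN behind the ADSL router (host addresses are assumptions).
INTERFACES = {
    "lan": "192.168.1.1/24",
    "wan_adsl": "192.168.1.50/24",
}

def connected_networks(interfaces):
    """Map interface name -> directly connected network."""
    return {name: ipaddress.ip_interface(addr).network
            for name, addr in interfaces.items()}

def find_overlaps(interfaces):
    """Return pairs of interfaces whose connected networks overlap."""
    nets = sorted(connected_networks(interfaces).items())
    return [(a, b) for i, (a, na) in enumerate(nets)
            for b, nb in nets[i + 1:] if na.overlaps(nb)]

def egress_candidates(interfaces, dest):
    """Interfaces whose most specific connected route matches dest."""
    ip = ipaddress.ip_address(dest)
    matches = [(net.prefixlen, name)
               for name, net in connected_networks(interfaces).items()
               if ip in net]
    if not matches:
        return []  # not directly connected: would follow a gateway route
    best = max(plen for plen, _ in matches)
    return sorted(name for plen, name in matches if plen == best)

if __name__ == "__main__":
    print("overlaps:", find_overlaps(INTERFACES))
    # The ADSL router (assumed at .254) and a LAN host (assumed at .20)
    # both match two interfaces, so the egress choice is ambiguous.
    for dest in ("192.168.1.254", "192.168.1.20"):
        print(dest, "->", egress_candidates(INTERFACES, dest))
    # Renumbering the LAN (new subnet is an assumption) removes the ambiguity.
    renumbered = dict(INTERFACES, lan="192.168.10.1/24")
    print("overlaps after renumbering:", find_overlaps(renumbered))
    print("192.168.1.254 ->", egress_candidates(renumbered, "192.168.1.254"))
```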
-
Thanks,
I hope the computer of whoever designed this stupid device keeps rebooting every two minutes! ;D
-
I am not sure if I understand you correctly, but for pfsense it is independent if there is another router which does NAT on the interface.
What you describe - or like I understand it - is double NAT. This is working. You can do LoadBalancing and Failover as you like.
ISP----NAT-Router1--------NAT-pfsense-------LAN
ISP2--------------------------
On the pfsense interface which connects to the other NAT-Router you will probably have to uncheck "block private networks"