LAN to LAN Firewall
-
Hello world :)
I am new to PFSense and I have a problem. Although, I do not know whether this scenario is possible at all.
1. PFSense has 2 NIC's
1a. 192.x.x.254/24
1b. 192.x.x.253/24 ; GW 192.x.x.200
2. I want my pc's to have gw .254
3. Then I want to make Firewall rules to channel all Internet traffic to it's own GW .200
4. I want to accept incoming traffic on .253 (I suppose that i will have to configure my router's routing table for this)Is it possible to make it work and how? ??? ???
Any suggestion is appreciated. :)
-
What purpose are you setting this up for? If it is just as a proxy/squidguard type setup, then you don't need to make any changes other than setting up the proxy in IE or your favorite browser. If your goal is to block traffic of any kind, then it is wiser to put the pfsense box in line between the router and the switch. You would then change your LAN subnet to be different from 192.x.x.x/24 to 192.x.y.x/24 so that routing can work properly. Then you would use the pfsense LAN address as your gateway for all machines.
-
What exactly are you trying to accomplish here?
Your x.x in the middle of your network with a /24 makes them look like the same network segment? Are they??
If there different segments, then show that with say 192.a.a.253/24 and 192.a.b.254/24 – but with just .253 and .254 seems like same segment, if they were different you could use .254 on each segment, etc. Are they public space?? If not just so the whole thing, 192.168.x.x is private address space, no reason to hide it.
If same segment, why are you multi home pfsense? And if different segments, does that switch support vlans? If not your running 2 different networks on the same wire, normally a bad idea!
Why don't you spell out what you want to do with pfsense, and what your current network looks like, and we can tell you if you can do that and if how, etc.
