Navigation

    Netgate Discussion Forum
    • Register
    • Login
    • Search
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search

    Multi-LAN problem

    Routing and Multi WAN
    3
    4
    1342
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • R
      Ramotalana last edited by

      Hi There

      I have a task which now appears to be impossible to do on PF sense.

      I will explain my setup quickly:

      On Company 1 server room I have the following setup:

      PF sense box(192.168.0.1) with 2 WAN connections and 2 LAN connections
      WAN1: Internet Connection - ADSL 1
      OPT1:  Failover Internet Connection - ADSL 2
      LAN: Cable to switch to allow users on Company 1 to have internet access. IP 192.168.0.0/24
      OPT2: IP address is 172.16.1.1 and gateway is 172.16.1.2

      I also have data servers which holds data that company 2 needs access to

      Company 2 server room

      PF sense box(192.168.2.1) with 1 WAN connection
      WAN1: Internet connection - ADSL
      LAN: Cable to switch to allow users on company 2 to have internet connection. IP 192.168.2.0/24
      OPT1: IP address 172.16.1.2 and gateway is 172.16.1.1

      I have a cat6 cable running from OPT2 network card on company 1 to OPT1 network card on company 2

      I have setup firewall rules on both PF sense boxes as below:

      Comnpany 1:
      LAN: Allow any traffic coming from LAN interface with destination of network(192.168.2.0/24) to go through on any port and selected GW to be 172.16.1.2
      OPT2: Allow traffic with source network( 192.168.2.0/24) from OPT2 interface with destination of LAN subnet and selected GW to be 172.16.1.2

      Company 2:
      LAN: Allow any traffic coming from LAN interface with destination of network (192.168.0.0/24) to go through on any port and selected GW to be 172.16.1.1
      OPT1: Allow traffic from source network (192.168.0.0/24) from OPT2 interface with destination of LAN subnet and selected GW to be 172.16.1.1

      Logic:

      Allow users from company 1 to access data on company 2, vice-versa.

      Problem:

      Cannot access servers of company 1 from company 2. When I run tracert to any ip at company 1 from company 2, I see that it uses WAN connection instead of OPT1.

      What am I doing wrong?

      1 Reply Last reply Reply Quote 0
      • GruensFroeschli
        GruensFroeschli last edited by

        You most probably need a static route for the subnet reachable via the OPT interface pointing to the gateway.

        We do what we must, because we can.

        Asking questions the smart way: http://www.catb.org/esr/faqs/smart-questions.html

        1 Reply Last reply Reply Quote 0
        • R
          Ramotalana last edited by

          Hi GruensFroeschli

          I just tried doing a static route but it still doesn't work…

          I am out of ideas here....

          1 Reply Last reply Reply Quote 0
          • H
            heper last edited by

            you probably need a route on both sides

            1 Reply Last reply Reply Quote 0
            • First post
              Last post

            Products

            • Platform Overview
            • TNSR
            • pfSense
            • Appliances

            Services

            • Training
            • Professional Services

            Support

            • Subscription Plans
            • Contact Support
            • Product Lifecycle
            • Documentation

            News

            • Media Coverage
            • Press
            • Events

            Resources

            • Blog
            • FAQ
            • Find a Partner
            • Resource Library
            • Security Information

            Company

            • About Us
            • Careers
            • Partners
            • Contact Us
            • Legal
            Our Mission

            We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

            Subscribe to our Newsletter

            Product information, software announcements, and special offers. See our newsletter archive to sign up for future newsletters and to read past announcements.

            © 2021 Rubicon Communications, LLC | Privacy Policy