4. Multi-LAN problem

Multi-LAN problem

  • R

    Hi There

    I have a task which now appears to be impossible to do on PF sense.

    I will explain my setup quickly:

    On Company 1 server room I have the following setup:

    PF sense box(192.168.0.1) with 2 WAN connections and 2 LAN connections
    WAN1: Internet Connection - ADSL 1
    OPT1:  Failover Internet Connection - ADSL 2
    LAN: Cable to switch to allow users on Company 1 to have internet access. IP 192.168.0.0/24
    OPT2: IP address is 172.16.1.1 and gateway is 172.16.1.2

    I also have data servers which holds data that company 2 needs access to

    Company 2 server room

    PF sense box(192.168.2.1) with 1 WAN connection
    WAN1: Internet connection - ADSL
    LAN: Cable to switch to allow users on company 2 to have internet connection. IP 192.168.2.0/24
    OPT1: IP address 172.16.1.2 and gateway is 172.16.1.1

    I have a cat6 cable running from OPT2 network card on company 1 to OPT1 network card on company 2

    I have setup firewall rules on both PF sense boxes as below:

    Comnpany 1:
    LAN: Allow any traffic coming from LAN interface with destination of network(192.168.2.0/24) to go through on any port and selected GW to be 172.16.1.2
    OPT2: Allow traffic with source network( 192.168.2.0/24) from OPT2 interface with destination of LAN subnet and selected GW to be 172.16.1.2

    Company 2:
    LAN: Allow any traffic coming from LAN interface with destination of network (192.168.0.0/24) to go through on any port and selected GW to be 172.16.1.1
    OPT1: Allow traffic from source network (192.168.0.0/24) from OPT2 interface with destination of LAN subnet and selected GW to be 172.16.1.1

    Logic:

    Allow users from company 1 to access data on company 2, vice-versa.

    Problem:

    Cannot access servers of company 1 from company 2. When I run tracert to any ip at company 1 from company 2, I see that it uses WAN connection instead of OPT1.

    What am I doing wrong?

    0

  • You most probably need a static route for the subnet reachable via the OPT interface pointing to the gateway.

    0
  • R

    Hi GruensFroeschli

    I just tried doing a static route but it still doesn't work…

    I am out of ideas here....

    0
  • H

    you probably need a route on both sides

    0
Log in to reply
 

Products

Applications

Support

Services

News

Resources

Company

Our Mission

As host of the pfSense open source firewall project, Netgate believes in enhancing network connectivity that maintains both security and privacy. We also believe everyone should be able to afford it.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive for past announcements.

© Copyright 2002 - 2019 Rubicon Communications, LLC | Privacy Policy