Netgate Discussion Forum

    Multi-LAN problem

    Routing and Multi WAN
      Ramotalana

      Hi There

      I have a task which now appears to be impossible to do on pfSense.

      I will explain my setup quickly:

      In the Company 1 server room I have the following setup:

      pfSense box (192.168.0.1) with 2 WAN connections and 2 LAN connections
      WAN1: Internet Connection - ADSL 1
      OPT1: Failover Internet Connection - ADSL 2
      LAN: Cable to switch to allow users on Company 1 to have internet access. IP 192.168.0.0/24
      OPT2: IP address is 172.16.1.1 and gateway is 172.16.1.2

      I also have data servers which hold data that Company 2 needs access to.

      Company 2 server room

      pfSense box (192.168.2.1) with 1 WAN connection
      WAN1: Internet connection - ADSL
      LAN: Cable to switch to allow users on Company 2 to have internet connection. IP 192.168.2.0/24
      OPT1: IP address 172.16.1.2 and gateway is 172.16.1.1

      I have a Cat6 cable running from the OPT2 network card on Company 1 to the OPT1 network card on Company 2.

      I have set up firewall rules on both pfSense boxes as below:

      Company 1:
      LAN: Allow any traffic coming from LAN interface with destination of network (192.168.2.0/24) to go through on any port and selected GW to be 172.16.1.2
      OPT2: Allow traffic with source network (192.168.2.0/24) from OPT2 interface with destination of LAN subnet and selected GW to be 172.16.1.2

      Company 2:
      LAN: Allow any traffic coming from LAN interface with destination of network (192.168.0.0/24) to go through on any port and selected GW to be 172.16.1.1
      OPT1: Allow traffic from source network (192.168.0.0/24) from OPT2 interface with destination of LAN subnet and selected GW to be 172.16.1.1

      Logic:

      Allow users from Company 1 to access data on Company 2, and vice versa.

      Problem:

      Cannot access servers of Company 1 from Company 2. When I run tracert to any IP at Company 1 from Company 2, I see that it uses the WAN connection instead of OPT1.

      What am I doing wrong?

        GruensFroeschli

        You most probably need a static route for the subnet reachable via the OPT interface pointing to the gateway.

        We do what we must, because we can.

        Asking questions the smart way: http://www.catb.org/esr/faqs/smart-questions.html

          Ramotalana

          Hi GruensFroeschli

          I just tried doing a static route but it still doesn't work…

          I am out of ideas here....

            heper

            You probably need a route on both sides.
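
The two replies above, worked through as an added example that is not part of the original thread: a longest-prefix-match lookup over each firewall's routing table, using the subnets from the first post, showing which interface carries the request and the reply with and without static routes. It models only the routing table (not the gateway selected in firewall rules); the /30 mask on the link and the two host addresses are assumptions.

```python
import ipaddress

LINK = "172.16.1.0/30"      # assumed mask; the post gives only .1 and .2
CLIENT = "192.168.2.10"     # constructed host on Company 2's LAN
SERVER = "192.168.0.10"     # constructed server on Company 1's LAN

def build(routes):
    """Turn (prefix, egress interface) pairs into a routing table."""
    return [(ipaddress.ip_network(p), iface) for p, iface in routes]

def egress(table, dst):
    """Longest-prefix match: the most specific route covering dst wins."""
    addr = ipaddress.ip_address(dst)
    hits = [(net, iface) for net, iface in table if addr in net]
    return max(hits, key=lambda h: h[0].prefixlen)[1]

def firewall(lan, link_if, static=None):
    """Default route via WAN1, connected LAN and link, optional static route."""
    routes = [("0.0.0.0/0", "WAN1"), (lan, "LAN"), (LINK, link_if)]
    if static:
        routes.append((static, link_if))  # next hop is the peer on the link
    return build(routes)

def round_trip(route_on_c1, route_on_c2):
    """Return (request egress on Company 2, reply egress on Company 1, works)."""
    c1 = firewall("192.168.0.0/24", "OPT2",
                  "192.168.2.0/24" if route_on_c1 else None)
    c2 = firewall("192.168.2.0/24", "OPT1",
                  "192.168.0.0/24" if route_on_c2 else None)
    out, back = egress(c2, SERVER), egress(c1, CLIENT)
    return out, back, (out == "OPT1" and back == "OPT2")

if __name__ == "__main__":
    for c1, c2 in [(False, False), (False, True), (True, False), (True, True)]:
        print(f"static route on C1={c1!s:5} C2={c2!s:5} ->", round_trip(c1, c2))
```

With no static routes the request matches only the default route and leaves via WAN1, which is the tracert symptom in the first post; with a route on one side only, the other direction still falls back to WAN1.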

            Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.