Multi WAN to multi LAN subnets?



  • So I'm in a bit of a dilemma. I'm starting a network project at a golf course country club in the town I live in. Here's what I have and what I'm trying to do:

    I have:

    2 dedicated WAN connections from separate modems (2 physical ethernet cables). One for IP phones (voice), one for data.
    a pfSense box with 3 NICs
    A Cisco 2960 switch with VLAN capabilities
    IP Phones
    Wired Computers

    Here's what I'm trying to accomplish:

    WAN1 (Phones, 76.22.22.22) -------------> NIC1
    WAN2 (Data, 76.22.22.23) -----------------> NIC2
    NIC3 = LAN (VLAN tags: Voice = 4 = 192.168.1.0/24, Data = 5 = 192.168.2.0/24 ) -----> fa0/1 port on Cisco 2960 Switch

    On the Cisco switch, port fa0/1 is the trunk port. Let's say I plug in a phone into port fa0/2 which is an access port to VLAN4. I also plug a PC into fa0/3 which is an access port for VLAN5. Both VLANs go over the trunk. I want the phone to get a 192.168.1.# address and use the WAN1 connection since it's dedicated to voice. I want the PC to get a 192.168.2.# address and use the WAN2 connection since it's dedicated for data.

    Basically, I'm wanting to eliminate the need to set up 2 pfSense boxes and NAT (PAT) 2 WAN connections with both of them. I'd rather do it with one and do VLAN tagging over the trunk to the switch. In simpler terms, I want to run 2 instances of PAT I guess, if that's the correct wording.

    Sorry if this doesn't make sense,
    Any ideas though?  ;D



  • It's possible; it's called policy routing. You will use firewall rules to send specific traffic to specific gateways.

    Something like:
    src ip = 192.168.1.0/24 gateway: WAN1
    src ip = 192.168.2.0/24 gateway: WAN2
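
The policy routing described in the reply above, written out as raw pf rules (pfSense is built on pf; in its GUI the equivalent is choosing a gateway on each VLAN's firewall rule). This is an added example, not part of the original thread: the interface names and gateway placeholders are assumptions, and the inter-VLAN block rules are an addition the posters did not mention.

```pf
# Added example. Interface names are hypothetical; the gateway values are
# placeholders to be replaced with each ISP's next-hop address.
wan1_if   = "em0"               # NIC1: WAN1 (phones), 76.22.22.22
wan2_if   = "em1"               # NIC2: WAN2 (data),   76.22.22.23
voice_if  = "em2_vlan4"         # NIC3, VLAN tag 4 (trunk to fa0/1)
data_if   = "em2_vlan5"         # NIC3, VLAN tag 5 (trunk to fa0/1)
wan1_gw   = "WAN1_GATEWAY_IP"   # placeholder, not a real address
wan2_gw   = "WAN2_GATEWAY_IP"   # placeholder, not a real address
voice_net = "192.168.1.0/24"
data_net  = "192.168.2.0/24"

# Outbound NAT (PAT): one translation rule per WAN, so each subnet is
# hidden behind the address of its own uplink.
nat on $wan1_if from $voice_net to any -> ($wan1_if)
nat on $wan2_if from $data_net  to any -> ($wan2_if)

# Default deny; everything allowed below is explicit.
block log all

# Assumption: the voice and data VLANs should not reach each other
# through the firewall. Without these rules the routed pass rules
# further down would also match inter-VLAN traffic.
block in quick on $voice_if from any to $data_net
block in quick on $data_if  from any to $voice_net

# Traffic addressed to the firewall itself (for example its DNS
# resolver) must not be forced out a WAN gateway, so it is passed
# without route-to and only from the subnet that belongs on the VLAN.
pass in quick on $voice_if from $voice_net to ($voice_if) keep state
pass in quick on $data_if  from $data_net  to ($data_if)  keep state

# Policy routing: the source subnet selects the gateway.
pass in quick on $voice_if route-to ($wan1_if $wan1_gw) \
    from $voice_net to any keep state
pass in quick on $data_if route-to ($wan2_if $wan2_gw) \
    from $data_net to any keep state

# Let the routed (and already NATed) traffic leave on either WAN.
pass out quick on { $wan1_if, $wan2_if } keep state
```

Matching on both the ingress VLAN interface and the source subnet means a host that spoofs an address from the other subnet still cannot borrow the other WAN.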



  • If WAN1 is dedicated to your IP phone, why don't you use 1:1 NAT?

