Netgate Discussion Forum

    Multi LAN through VPN Gateway - solved -

      GreenT

      Hi!

      I do have the following setup in place:

      I want to tunnel all traffic from behind pfsense 2.0.3 through a VPN.
      This works fine for my hosts in VPNGWNET. If the VPN drops, rules in the endian
      firewall block all traffic, except for DNS and a new VPN session.
      Also I want to separate VPNGWNET and GUESTS. There is only one host in VPNGWNET
      but I don't want GUESTS to have access to it.

      Clients in my VPNGWNET do get an IP assigned by pfsense.
      These clients can ping 192.168.1.1
      These clients can do DNS lookups
      These clients can access hosts on the VPN network

      Clients in my GUESTS do get an IP assigned by pfsense.
      These clients can ping 192.168.2.1 and 192.168.1.1
      These clients can do DNS lookups.
      These clients don't have access to the VPN and can't ping clients on the other side.

      Firewall-Settings for GUESTS Interface:

      Did I miss something?
      As far as I understand, this should work.

      Thanks in advance for any help.

        GreenT

        Solved it.

        To work for the above setup correctly, I had to set NAT to manual.
        What I did not add was manual NAT rules for the second LAN. It works fine now with these additional settings:
