4. Question about multible WAN and LAN.

Question about multible WAN and LAN.

  • S

    Hello,

    Can pfsense handle the following setup:

    Interfaces:

    • WAN1 (Internet)
    • WAN2 (Closed "Internet")
    • DMZ
    • LAN1 (Normal users)
    • LAN2 (Users that need services on the closed "internet")

    Routning:

    • All trafic from LAN1 are handled by WAN1.
    • All frafic from LAN2 are handled by WAN2.
    • All trafic from DMZ are handled by WAN1.

    NAT:

    • All servers from DMZ have static NAT with a IP from WAN1.
    • All computers from LAN1 have dynamic NAT to one IP from WAN1.
    • One server from LAN1 have static NAT with a IP from WAN1.
    • All computers from LAN2 have dynamic NAT to one IP from WAN2.
    • Server from LAN2 have static NAT with a IP from WAN2.

    Thanks for your input.

    /Lars

    0
  • P

    Yes, all those things look possible. That will use policy-routing to direct traffic to the required WAN, manual outbound NAT (and it might even be that automatic outbound NAT will do a bit broader thing than you want, but that will be fine because your firewall pass rules will only allow a cut-down set of traffic to particular WANs anyway), 1:1 NAT for servers. I don't think you will even need to define static routes for the networks available out WAN2 - the policy-routing rules should send it that way without the help of static routes.

    0
  • S

    Great, thanks.

    0
Log in to reply
 

Products

Applications

Support

Services

News

Resources

Company

Our Mission

As host of the pfSense open source firewall project, Netgate believes in enhancing network connectivity that maintains both security and privacy. We also believe everyone should be able to afford it.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive for past announcements.

© Copyright 2002 - 2019 Rubicon Communications, LLC | Privacy Policy