MULTI-LAN



  • On the WAN side, I've got two ADSL lines in a load-balancing / failover configuration up and running.

    Thinking of putting in two physical ethernet connections configured with the following IP Addresses:

    172.16.20.1 ( DHCP Enabled to serve out 172.16.5.10 to 172.16.5.210 ); An AD Server resides in this subnet.

    172.16.10.1 ( DHCP Enabled to serve out 172.16.10.10 to 172.16.10.210);

    Question:

    How now do I enable communication between clients in both subnets? Is this automatic?

    Will a core I3 with 4 Gig of RAM and a 250gig HD suffice? The LAN Cards are all Intel 8390mt Pro/1000 and the motherboard is an Intel ATX Desktop Board (sorry, forgot the specific model).

    Note: Planning to add squid and squidguard in the mix at a later date.



  • Each subnet will have a default gateway address which should be the pfSense system.

    Under firewall -> rules you will have a tab for each interface.    If you rename the interface to correspond with a name for the attached subnet you may find it easier to see what is going on.

    To allow subnet A to reach subnet B you need a rule on the interface for subnet A that allows traffic to the address range that is subnet B.  You can create a similar rule in reverse that allows subnet B to A.

    You don't have to allow all traffic through.

    By default pfSense creates an allow all rule on its initial LAN interface which will allow traffic through from that subnet to your other subnet.  You will need a similar rule in reverse on the second subnet which will start off as an OPTx interface.

    Your system spec should be more than enough for the job.  That system should easily route traffic at wire speed.

    Cheers
    Jon


  • Netgate Administrator

    @turk182:

    172.16.20.1 ( DHCP Enabled to serve out 172.16.5.10 to 172.16.5.210 ); An AD Server resides in this subnet.

    You can't have a DHCP server giving out addresses that are outside its own subnet. I assume you typo'd one of those addresses?  ;)

    Steve
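Steve's point about the DHCP range, as an added example that is not part of the original thread: a small pre-flight check of the addressing plan before the interfaces are configured. The /24 prefix length and the interface names `LAN` and `OPT1` are assumptions, since the posts give no netmask or names.

```python
import ipaddress

# Constructed plan using the addresses as first posted in the thread.
# Assumptions: /24 netmasks and the names LAN / OPT1 (not stated in the posts).
PLAN = [
    {"name": "LAN", "iface": "172.16.20.1/24",
     "pool": ("172.16.5.10", "172.16.5.210")},
    {"name": "OPT1", "iface": "172.16.10.1/24",
     "pool": ("172.16.10.10", "172.16.10.210")},
]


def check_plan(plan):
    """Return a list of problems found in a multi-LAN addressing plan."""
    problems = []
    seen = []  # (name, network) of interfaces already checked
    for entry in plan:
        name = entry["name"]
        iface = ipaddress.ip_interface(entry["iface"])
        net = iface.network
        start, end = (ipaddress.ip_address(a) for a in entry["pool"])

        if start > end:
            problems.append(f"{name}: pool start is above pool end")
        # A DHCP pool must lie inside the subnet of the interface serving it.
        for label, addr in (("start", start), ("end", end)):
            if addr not in net:
                problems.append(f"{name}: pool {label} {addr} is outside {net}")
        # The gateway address itself must never be leased to a client.
        if start <= iface.ip <= end:
            problems.append(f"{name}: gateway {iface.ip} is inside the pool")
        # Two interfaces on overlapping subnets cannot be routed between.
        for other_name, other_net in seen:
            if net.overlaps(other_net):
                problems.append(f"{name}: {net} overlaps {other_name} {other_net}")
        seen.append((name, net))
    return problems


if __name__ == "__main__":
    for line in check_plan(PLAN) or ["plan is consistent"]:
        print(line)
```
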



  • Hi Stephen,

    Yes, that was a typo. Thanks for pointing it out.

