PfSense with only LAN and DMZ nic: how to set up a default route

  • I have a pfSense without a WAN: it has just the LAN and the DMZ interfaces.

    In order to allow the machines running on the DMZ to communicate with Internet (outbound) I need to set up a default route, but I should avoid to set a default gateway in the LAN or in the DMZ interface.

    Is it possible?


    So where is the gateway to the Internet? Is it via some other router in the DMZ or LAN?

    You can have the default gateway on any interface you want, but depending on where that is, it may affect how other devices can use the firewall.

    A network diagram would help to see, including how your network actually will reach the Internet.

