DUAL LAN



  • I Tried searching the forums and got no where.

    heres the setup

    wan1–-----------                          Lan1-------------- working Data 10.1.0.0
                                Pfsense working
    wan2-------------                          Lan2-------------- Viop Traffic Not working 192.168.1.0

    I am lost when it comes to the lan side of the dual part. is there any way for lan1 to access lan2?

    and lan2 to have internet access?

    any help is greatly appreciated

    Or does any one have a better idea on how to set up a Voip/data network that will not interfear with the Lan1 company (2 business under one Pfsense)
    2 seperate switches == 2 different lans



  • I haven't setup a second lan specifically for VOIP, but a second LAN is pretty easy. Just setup outbound NAT rules for the second LAN and firewall rules similar to the ones auto-created for the LAN…



  • So I would have to set the outbound manually?

    Manual Outbound NAT rule generation (Advanced Outbound NAT (AON))

    is that what I am going to have to do?

    does anyonehave a Screen shot of the nat / firewall fig?  if so please Just Insert dummy addresses and send to cpaulatwynnjonesdotcom

    Just looking to keep pushing the pfsense envelope!
    Great work! keep it up



  • To give LAN2 internet access just add a rule on the LAN2 interface

    Source LAN2 subnet
    port any
    dest any
    port any
    gateway WAN2

    this will send all traffic from LAN2 to WAN2

    If you want to see how to do load balancing then take a look at:
    http://doc.pfsense.org/index.php/MultiWanVersion1.2



  • in the interface assignment what do i put down as the interface ip address? 192.168.1.255/24?
    i am a little lost the thing keeps thinking it is a wan interface not a lan

    and i do under stand the firewall rules but instead of the Wan2 could i just use the wan1 gateway instead?
    also to clarify the two interfaces will not stray in to each others networks?

    also if i wanted to access the lan2 from lan1 could i just set some firewalll rules to access the bugger say port 80,22?
    thank you for all your help!




  • Here are some example rules. These would allow the LAN to access the VOIP LAN, but the VOIP LAN could not initiate connections to the LAN. They would be routed out via two failover pools- failover1 being WAN fails to OPT1 and failover2 being OPT1 fails to WAN. In this example LAN net is 10.1.0.0/24 and VOIP net is 192.168.1.0/24. I haven't tried this config with Automatic NAT on.

    Firewall, Rules:
    LAN
    PASS * LAN net * * * failover1 Allow all outbound LAN

    VOIP (LAN2)
    BLOCK * VOIP net * LAN net * * Block VOIP from LAN
    PASS  * VOIP net * * * failover2 Allow outbound VOIP

    NAT, outbound:
    WAN 10.1.0.0/24 * * * * * No NAT LAN
    OPT1 10.1.0.0/24 * * * * * No NAT LAN via 2nd WAN
    WAN 192.168.1.0/24 * * * * * No NAT VOIP
    OPT1 192.168.1.0/24 * * * * * No NAT VOIP via 2nd WAN



  • I have folowed the example down to the T 
    and no dice the darn Trix box will not ping the gateway
    192.168.1.1 (lan2) or google for that matter am i really forgetting to do someting?

    i have the lan2 interface set at 192.168.1.1

    Thank you for all the help
    Chase



  • If your VOIP box can't ping the default gateway, there's something wrong that's not the firewall.
    Verify the network config on your VOIP server- it's on the 192.168.1.x network, right? Default gateway is 192.168.1.1, subnet mask set correctly, etc. Check the physical link. Put a pc off that interface set to 192.168.1.100 or something and try to ping the lan2 interface, and the IP of the voip server.



  • Yep did the pc install on the LAN2 could ping  the VOip 192.168.1.2
    but could not ping 192.168.1.1 (gateway/ Lan2 interface address)
    pc ip address is 192.168.1.100

    i am not sure any more i redid all the load balance / failover rules but no luck

    i also have this setup as this

    wan–----              psudo lan2-----------Voip system 192.168.1.1 gateway not working
                  pfsense
    wan2-----              -----------lan1-----------linksysrouter----Voip system 192.168.1.1gateway Works pings and can acces internet.

    Thank you  for all the help



  • LAN2: if you add a rule that allows all , with gateway as default - not load balanced, does it ping the gateway?

    I am resetting my network here and I have the same sort of problem. 1.2 RC3



  • Nope did what you suggested no dice here

    Chase

    i am also running  1.2-RC2

    Thank you



  • System, Advanced: check the box to disable the firewall. If you STILL can't ping, I would verify the hardware setup- NIC in the firewall, switch, etc…


Log in to reply