Navigation

    Netgate Discussion Forum
    • Register
    • Login
    • Search
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search

    VMWare pfsense routing help needed!!

    Routing and Multi WAN
    2
    16
    5476
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • G
      galazus last edited by

      This is my case:Using VM workstation 9.
      I have setup 2 domain controllers each running exchange 2010.one has IP 192.168.1.1 and the other 192.168.2.1.MSExchange 2010 is running fine and the users in the respective domains can email each thru outlook.but the problem is; how do I route the 2 networks to have users email across the domains.I tried to configure 2 servers as routers but am stuck..
      Now I wana try pfsense  to use a virtual router.But I am stranded in the middle. I have issues with setting new virtual network adapters to connect the two networks.This my school project. Guys help:-)
      more modified network sketch is attached
      ![network sketch.jpg](/public/imported_attachments/1/network sketch.jpg)
      ![network sketch.jpg_thumb](/public/imported_attachments/1/network sketch.jpg_thumb)

      1 Reply Last reply Reply Quote 0
      • M
        marvosa last edited by

        The two servers would work, but you'd have to enable routing and remote access and configure static routes.  What static routes did you configure?  Even if you add pfsense you will need to configure your routes.

        Someone with experience virtualizing PFsense will have to chime in on that, but the first question I would ask is do you have your adapters  bridged or NAT'd?

        1 Reply Last reply Reply Quote 0
        • G
          galazus last edited by

          Routing is enable on the server that i configured as a router.
          the IP addresses of my two DCs, are the default getaways for the two NICs on this server

          1 Reply Last reply Reply Quote 0
          • M
            marvosa last edited by

            Ok, but the routing table on the edge routers are going to determine where traffic goes, so in order for 192.168.1.0/24 to talk to 192.168.2.0/24 you need a static route on R2 telling it forward all traffic destined for 192.168.2.0/24 thru 10.0.0.2.  Then you will then need the return route on R1 telling it to forward all traffic destined for 192.168.1.0/24 thru 10.0.0.1.

            Also, the default gateway of devices in 192.168.1.0/24 should be 192.168.1.4 and in 192.168.2.0/24 your devices should have a default gateway of 192.168.2.4.

            1 Reply Last reply Reply Quote 0
            • G
              galazus last edited by

              ;) Thanks..i will try this..Do I need 2 routers or just a single router with 2 NICs?
              someone suggested that option.
              One NIC would be on VMnet1(network1 uses this too),
              and 2nd NIC would be VMnet2(network2 uses this too).
              Try to look at the new packet tracer drawing i uploaded.

              1 Reply Last reply Reply Quote 0
              • M
                marvosa last edited by

                Well, that assessment was per your diagram, so you may want to start there, but I suppose you could use one router with two NICs.

                1 Reply Last reply Reply Quote 0
                • G
                  galazus last edited by

                  I have tried with one server configured as a router..
                  but the clients in network 1 seem not to be able to  ping clients in the other network.
                  when I bridged the two networks adapters(on the server)..the domain controllers can ping each other.
                  but still the clients cant..
                  I think i have gateway issues…
                  what gateways should I use on the routers two interfaces..?
                  And on the domain controllers and clients..?

                  I dont know if I should use pfsense as a virtual router..
                  I tried it and it asked to configure one adapter for WAN..
                  but this is just a host-only network that i setup..no connection to internet.
                  I am a newbie to pfsense..so any help will be highly appreciated.
                  I have attached a network diagram, if it helps to clarify a little..
                  Thanks

                  ![TEST NETWORK 2.png](/public/imported_attachments/1/TEST NETWORK 2.png)
                  ![TEST NETWORK 2.png_thumb](/public/imported_attachments/1/TEST NETWORK 2.png_thumb)

                  1 Reply Last reply Reply Quote 0
                  • M
                    marvosa last edited by

                    Don't bridge the adapters, you want to route between them.  Did you define two static routes to route the traffic?  Post the routing table.

                    Also, what default gateway are you handing out on both sides?

                    As far as PFsense as the router….Yes, I believe you can disable NAT and the firewall and configure PFsense as a router only, although I've never tried it.

                    Your other option for PFsense is to keep the WAN interface with nothing attached, but add a 2nd LAN interface.  You could still configure your routing... but you'd have to deal with the firewall rules.

                    1 Reply Last reply Reply Quote 0
                    • G
                      galazus last edited by

                      I have decided to use Windows08R2 server configured as a router?
                      I want to try this first, if it fails, i will try pfsense.
                      this router has two NICs as described in the previous post.
                      At the moment, the clients have their gateways set to the IPs of their respective domain controllers..
                      client1 in network1 has gateway set to 192.168.1.1, and the other client computer has gateway 192.168.2.1.
                      and the domain controllers have gateways set to the IPs of the interfaces of the routers.I.e 192.168.1.4 and 192.168.2.7.
                      I think I have some mix up of gateways here!
                      And what gateways must I give to the network adapters on the router??

                      I still don't understand the logic of bridging or not bridging the two network adapters.
                      what is this bridging in networking terms?
                      I thought the bridge creates some kind of a link, like  for example a serial link between two routers/interfaces.
                      Don't these two NICs require some kind of link?
                      sorry If i ask obvious questions..I try to ask u the experts for help.
                      so please understand that I am only trying to learn exchange 2010 and the networking concepts.I really need to have the clients send email across different domains:-(

                      ![Windows ServerRouter1-2013-11-21-01-01-23.png](/public/imported_attachments/1/Windows ServerRouter1-2013-11-21-01-01-23.png)
                      ![Windows ServerRouter1-2013-11-21-01-01-23.png_thumb](/public/imported_attachments/1/Windows ServerRouter1-2013-11-21-01-01-23.png_thumb)

                      1 Reply Last reply Reply Quote 0
                      • G
                        galazus last edited by

                        i tried to follow that link,
                        but the routing part isnt detailed at all.

                        http://www.vmware.com/support/ws45/doc/network_2host_ws.html

                        1 Reply Last reply Reply Quote 0
                        • M
                          marvosa last edited by

                          A couple things:

                          • Your client's default gateway needs to be the IP of the router in it's own subnet… i.e. in Network 1, your DHCP server should be handing out a router option of 192.168.1.2....and in Network 2, your DHCP server should be handing out a router option of 192.168.2.2

                          • I'm guessing this is a typo, but you have the interfaces of your router listed as 192.162.1.2 and 192.162.2.2…. that's not going to work... if that's not just a typo, they will need to be changed to 192.168.1.2 and 192.168.2.2

                          1 Reply Last reply Reply Quote 0
                          • G
                            galazus last edited by

                            My bad..the IP addresses for the router interfaces are 192.168.1.2.and 192.168.2.2..it was just a typing error..
                            I will change the clients gateways.what about my domain controllers,what Gateways must they have?
                            I will it a try, post my progress here..Thanks again for you time

                            1 Reply Last reply Reply Quote 0
                            • M
                              marvosa last edited by

                              Your DC's should have the router IP as well (in their respective networks).

                              Unless your clients are static… change the default gateway via your DHCP scope settings... then release/renew your clients

                              1 Reply Last reply Reply Quote 0
                              • G
                                galazus last edited by

                                still no luck..thanks for your time..
                                the routing has completely over powered me :D

                                1 Reply Last reply Reply Quote 0
                                • G
                                  galazus last edited by

                                  problem solved ;)

                                  1 Reply Last reply Reply Quote 0
                                  • M
                                    marvosa last edited by

                                    Excellent!  Care to share the resolution?

                                    1 Reply Last reply Reply Quote 0
                                    • First post
                                      Last post

                                    Products

                                    • Platform Overview
                                    • TNSR
                                    • pfSense Plus
                                    • Appliances

                                    Services

                                    • Training
                                    • Professional Services

                                    Support

                                    • Subscription Plans
                                    • Contact Support
                                    • Product Lifecycle
                                    • Documentation

                                    News

                                    • Media Coverage
                                    • Press
                                    • Events

                                    Resources

                                    • Blog
                                    • FAQ
                                    • Find a Partner
                                    • Resource Library
                                    • Security Information

                                    Company

                                    • About Us
                                    • Careers
                                    • Partners
                                    • Contact Us
                                    • Legal
                                    Our Mission

                                    We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

                                    Subscribe to our Newsletter

                                    Product information, software announcements, and special offers. See our newsletter archive to sign up for future newsletters and to read past announcements.

                                    © 2021 Rubicon Communications, LLC | Privacy Policy