Multiple Subnets on One Interface

HA/CARP/VIPs
Log in to reply
  • S

    I am using PfSense Ver2.0.3-RELEASE (i386). I had only one flat Subnet Class B 172.16.0.0/16. Now we have upgraded our IT infrastructure and created 8 VLAN in the newly upgraded CISCO Layer 3 switches . But to isolate and easy maintenance we have created it in Class A 10.10.0.0/16 /32/21/..etc. And kept all our server including PfSense  in Class B 172.0.0.0 Subnet.

    Now I can get Internet in Class B subnet but not all the Class A. Could you please anybody help me by how do I get internet for the Class A subnet using only one LAN interface.

    Or How do we configure Multiple subnet in a single LAN interface?

    Thanks in advance

    Sabir

    0
  • jimp
    Rebel Alliance Developer Netgate

    1. Make sure your firewall rules allow the traffic to pass from those subnets to the Internet
    2. Make sure your outbound NAT rules cover all of your local subnets

    0
  • M

    @jimp:

    1. Make sure your firewall rules allow the traffic to pass from those subnets to the Internet
    2. Make sure your outbound NAT rules cover all of your local subnets

    It's me again Jimp  ;D

    If I may ask yet another stupid question about the bold; in NAT I have only the auto created rule LAN -> WAN, which was generated by pfSense. Currently I am experimenting with VLANs, I have three of them on 1 NIC, the same one that LAN is on (the other two NICs are WAN1 (vdsl) and WAN2 (cable)). VLAN 30 (192.168.3.1), VLAN40 (192.168.4.1) and VLAN50 (192.168.5.1), all with DHCP-server enabled.

    There are no entries for these VLANs in the NAT-screen, yet I do have internet on them. So I simply concluded 'it works' without messing up anything ( ;D) in the NAT-screen.

    (By now you know that I am stupid  ;D I have the pfSense book, but sometimes I just don't get things  :-).

    0
  • jimp
    Rebel Alliance Developer Netgate

    If you are set to "automatic outbound NAT" then the rules in the list are ignored. If you're on manual outbound NAT, then there must be something in the list matching the subnet(s).

    0
  • S

    Hi jimp,

    Thank you for the quick answer. When I added 'firewall rule' and 'Outbound NAT rule' it works! But now it works only https sites. Not others. Please help.

    Thanks in advance
    Sabir

    0

Products

Services

Support

News

Resources

Company

Our Mission

We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive to sign up for future newsletters and to read past announcements.

© 2020 Rubicon Communications, LLC | Privacy Policy