Navigation

    Netgate Discussion Forum
    • Register
    • Login
    • Search
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search

    Multi-LAN Routing LAN Subnet1 <–> LAN Subnet2 ?

    Routing and Multi WAN
    5
    6
    1258
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • M
      MappleTree last edited by

      Hello Pfsense expert,

      I like to know how can I setup routing between 2 LAN Subnets in the same LAN? 
      Appreciate your help & Thanks in advance.

      My Pfsense interfaces:

      WAN
      LAN1: 192.168.1.1
      LAN2: 192.168.2.1

      LAN Subnet1 <–> LAN Subnet2?

      My initial setup for LAN1 rule does not seem to work. I cannot ping between 2 computers from LAN1 and LAN2

      Proto:  IP4 Any
      Source: Any
      Dest:  : LAN2 Subnet

      Please help me!

      Best Regards
      Minh




      1 Reply Last reply Reply Quote 0
      • C
        CaseyE last edited by

        I could be wrong here (I'm not an expert), but I think the firewall rules on your LAN2 network have to allow from LAN1 and your LAN1 network firewall has to allow from LAN2. It looks like LAN2 is set to allow from LAN2.

        1 Reply Last reply Reply Quote 0
        • M
          MappleTree last edited by

          Thanks I got the problem solved:

          • There are 2 firewall rules I must make sure. (see the attachment)
          • Also make sure Windows firewall does not block ping ICMP
          • Video is here: http://www.youtube.com/watch?v=vVn-MPVNKvI

          Regards
          Minh


          1 Reply Last reply Reply Quote 0
          • johnpoz
            johnpoz LAYER 8 Global Moderator last edited by

            Those are not "firewall" rules - those are NAT rules, that pfsense auto created for you - you just switched over to manual to see them.

            Those are NATS for your 2 lan segments to your WAN network, not between themselves.

            edit: Got to be one of the worse video guides I have ever seen..  WTF was he doing in the xml config file - he already had the interfaces in pfsense.  You can modify interface addresses in the gui.  And why is he doing manual nat?

            It takes all of like 30 seconds to bring up another segment in pfsense.  You give it an IP, you create your firewall rule(s) done..  That is 9 minutes of my life I will never get back ;)

            1 Reply Last reply Reply Quote 0
            • T
              timthetortoise last edited by

              Yeah, that was about the most round-about way to achieve the exact same thing that could have been done in the GUI in 1/8 the time. The effort is appreciated, but the understanding is lacking.

              1 Reply Last reply Reply Quote 0
              • P
                phil.davis last edited by

                The OPs first rules will work fine.

                • Also make sure Windows firewall does not block ping ICMP

                This is the critical bit to get the ping to work - nothing to do with pfSense!
                Glad you guys watched the video and gave a review - you saved 9 minutes of my life  ;)

                1 Reply Last reply Reply Quote 0
                • First post
                  Last post

                Products

                • Platform Overview
                • TNSR
                • pfSense Plus
                • Appliances

                Services

                • Training
                • Professional Services

                Support

                • Subscription Plans
                • Contact Support
                • Product Lifecycle
                • Documentation

                News

                • Media Coverage
                • Press
                • Events

                Resources

                • Blog
                • FAQ
                • Find a Partner
                • Resource Library
                • Security Information

                Company

                • About Us
                • Careers
                • Partners
                • Contact Us
                • Legal
                Our Mission

                We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

                Subscribe to our Newsletter

                Product information, software announcements, and special offers. See our newsletter archive to sign up for future newsletters and to read past announcements.

                © 2021 Rubicon Communications, LLC | Privacy Policy