Dual WAN setup on ESXi 5.5 (6 physical NIC's) - $40 - Paypal



  • I think I have this pretty much figured out, I'm just having some trouble getting the interface IP's and gateways figured out.

    I have a cable and DSL connection.  My external IP for my cable is static and my DSL is dynamic.  My cable modem has a modem and DSL has a modem/router combo.  My cable modem IP is 192.168.100.1 (as it stands with my router setup now) and my DSL modem adress by default is 192.168.254.254 but I can change it to 192.168.x.x (set now to 192.168.2.254 & 192.168.2.1 for the LAN access - I dont' really understand the differences between these two addresses).

    I'm confused as to what to set the IP addresses to for the gateways of eachof these LAN's when I setup PFsense. I want a 192.168.1.0 LAN network, so I am guessing my LAN address (physical NIC) should be set  to 192.168.1.1 but I don't know what gateway the LAN should have since it has 2 WAN's.

    I need to know what to set the WAN1, WAN2 & LAN interface IP's and gateway's to.

    Do I use the modem addresses as the gateway's?  Also what about the DNS servers?

    WAN1 - Cable - Interface IP (static of DHCP) = ???  Gateway??
    WAN2 - DSL - Interface IP (static or DHCP) = ???  Gateway ??
    LAN - Static IP 192.168.1.1 - Gateway??

    Routing groups??

    I have some screen shots for the person who wants to help out. I can pay via paypal if you have that.

    HEre is the post I made about the issue I was having:

    I'm stumped on figuring out how to setup my interfaces and gateways. I have a cable and dsl connection. My cable setup has a static IP, a modem address of 192.168.100.1 and my DSL setup is a modem/router which by default is 192.168.254.254 but I've managed to get it set to 192.168.2.1 for the internal address and 192.168.2.254 for the admin page.

    I'm running pfsense on an ESXi server, it has 2 onboard and a 4 port NIC.  I think I have the NIC's setup correctly in VMware but I'm not totally sure as I've never assigned physical NICs to a VM before.
    (I'm probably going to be teaming the 2 LAN NIC's and DMZ NIC's)

    This is how the interfaces are setup on the command line - these addresses have been changed but the interface name and the NIC #/ID is still the same. When I was using this config I could ping from everything but the DMZ (it wasn't setup)

    Here is the interfaces page.  I edited out the IP address because I think it was showing my static IP.  It does show that I am gpulling the address via DHCP with this setup.

    Dashboard view:

    Gateways - I don't know why WAN1Calbe isn't working - I have that NIC set to DHCP and I don't think I can set a gateway.

    The DNS's for the gateways:

    Gateway Groups - WAN1Cable is offline… IDK what I need to do

    Firewall Rules - Looks good to me

    System Gateways - Looks fine IMO - but what do I know..

    So what I want to do is set my LAN address range 192.168.1.1-192.168.1.254. with the router address as 192.168.1.1  .    I can change the address of my DSL modem to 192.168.1.254 (Which I think would be alright, but I don't know how the router would act on the unit being on the same network).

    Here is my router config from the cable modem.

    Here is the config of my DSL modem:

    If anyone could maybe shed some light on the following:
    1. What whould I set my WAN2_DSL modem/router IP address to?  (I can disable the internal LAN address on the device, which I think might be best..?) What should the gateway be?
    2. What should I set my WAN1_Cable interface to (cable modem address is 192.168.100.1) and what gateway should I use?
    3. I want to set my LAN address to 192.168.1.1 but again I don't know what gateway to use.

    What I found really strange is that above you see in 3 images above, that the WAN connection (Internet port)  is set to DHCP and is pulling an address that is my external IP (static) I believe, yet when I set pfsense NIC to DHCP I don't pull the same IP address.

    I want to thank anyone for any help they can provide on this.  I think all the issues with install really frazzled me and I'm psyching myself out here.



  • Seeing the screen snap of shell interface and GUI, which are contradict each other would you confirm the subnet mask for the WAN2DSL?
    which is that your WAN2DSL(em01) IP should be /24, which is subnetmask to 255.255.255.0

    -MM


  • LAYER 8 Global Moderator

    "& LAN interface IP's and gateway's to. "

    Why do people not get this??  Why would you set a GATEWAY on a LAN firewall interface??  I just don't get it – but every single day there are like multiple posts where this is the problem!!

    A gateway is an address a device uses to get OFF the network its on..  pfsense has this on its WAN -- this is how it gets to the internet.  Is there some address on its lan segments that it can use to get off that segment?  Then why would you set a gateway?

    Devices on your lan segment would use the IP address of pfsense lan interface - this is how they GET off the lan segment.  They say hey I need to to talk to something 192.0.2.42 that is not on 192.168.x.0/24 -- where should I send this traffic.  Oh my gateway (pfsense) it will know where to send it!!  Pfsense gets this traffic and says oh -- I don't have any interfaces in that network, so I will send it out my gateway (internet).  I knows this because of its routing table.

    What I don't understand is people wanting to setup a complicated VM setup with multiple network segments, multiple internet connections and don't understand even the basic concepts of what a gateway is.. Just blows my mind!!

    As to figured out -- no your not even close.. Why do you have 192.168.100.1 em3 interface (dmz)??  Thought you said already that was your modems address..  Why would you set a gateway of 192.168.1.99 for DMZ?

    Why do you have 2 physical interfaces connect to your esxi vswitches? lan and dmz??  Do you really have that much bandwidth - are you teaming?  To what switch?  I would break out your vmkern to its own interface if not its own segment for security.

    If you want to setup some time for a Team Viewer session I would be happy to get it working for you - as to your bounty.. That can be donated to pfsense.


Log in to reply