Connecting two pfSense instances over LAN

  • Hi all,

    I want to connect two LAN interfaces using two pfSense instances (both on VMware). I've followed this guide: to set up the instances. My setup now is as follows:

    Site A:
    WAN (Internet)
    LAN (Connected to Site B LAN)

    Site B:

    WAN (Internet)
    LAN (Connected to Site A LAN)

    What I want to achieve is that boxes in Site A's DMZ can talk to boxes in Site B's DMZ through the LAN connection and vice versa.

    I am not a network guru, but I understand I have to set up a route on each pfSense instance.

    I have set up a Static Route on Site B:

    Network / Gateway / Interface LANGW - LAN

    But without luck.

    Ping from a Site B DMZ box results in a "Destination Host Unreachable".

    Do you guys have any suggestions?

    Thanking you in advance,


  • To get it working the way I think you want it, you will need to either add another NIC or put all your PCs in the "DMZ" and use that as the LAN on both sites.  Here are some corrections:

    • If Site A is directly connected to Site B via the interface labeled "LAN" and you want to pass traffic across that direct link, both "LAN" interfaces need to be in the same subnet.  e.g. change Site B LAN to or change Site A LAN to

    • Your static routes are configured incorrectly.  Let's assume you change site B's LAN to, your static routes should look like this:

      Site B
      Network / Gateway / Interface  |  |  LAN

      Site A
      Network / Gateway / Interface  |  |  LAN

    Assuming you have any/any firewall rules on all your interfaces, your "DMZ" subnets should now be able to communicate.
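
The two corrections in the reply above, written as a check that can be run against a planned configuration. This is an added example, not part of the original thread; every address in it is constructed (the thread's own addresses are missing), and the function name and dictionary keys are hypothetical.

```python
import ipaddress

def check_site_link(site_a, site_b):
    """Return a list of problems with the inter-site link and static routes.

    Each site dict has: link_if (address/prefix of the interface labelled LAN),
    dmz_net (that site's DMZ subnet), route (network, gateway) toward the peer DMZ.
    """
    problems = []
    a_if = ipaddress.ip_interface(site_a["link_if"])
    b_if = ipaddress.ip_interface(site_b["link_if"])
    # Correction 1: both link interfaces must sit in the same subnet.
    if a_if.network != b_if.network:
        problems.append(f"link subnets differ: {a_if.network} vs {b_if.network}")
    if a_if.ip == b_if.ip:
        problems.append("both sites use the same link address")
    for name, local, peer, local_if, peer_if in (
        ("A", site_a, site_b, a_if, b_if),
        ("B", site_b, site_a, b_if, a_if),
    ):
        net = ipaddress.ip_network(local["route"][0])
        gw = ipaddress.ip_address(local["route"][1])
        # Correction 2: the peer's DMZ is routed via the peer's link address.
        if net != ipaddress.ip_network(peer["dmz_net"]):
            problems.append(f"site {name}: route network {net} is not the peer DMZ")
        if gw not in local_if.network:
            # An off-link gateway cannot be resolved on the wire, so the
            # route is unusable and the remote DMZ stays unreachable.
            problems.append(f"site {name}: gateway {gw} is not on-link")
        elif gw != peer_if.ip:
            problems.append(f"site {name}: gateway {gw} is not the peer's link address")
    return problems

# Constructed sample: link interfaces in different subnets (the reported symptom).
BROKEN_A = {"link_if": "192.168.1.1/24", "dmz_net": "10.10.1.0/24",
            "route": ("10.10.2.0/24", "192.168.2.1")}
BROKEN_B = {"link_if": "192.168.2.1/24", "dmz_net": "10.10.2.0/24",
            "route": ("10.10.1.0/24", "192.168.1.1")}
# Constructed sample: shared link subnet, each route points at the peer.
FIXED_A = {"link_if": "192.168.1.1/24", "dmz_net": "10.10.1.0/24",
           "route": ("10.10.2.0/24", "192.168.1.2")}
FIXED_B = {"link_if": "192.168.1.2/24", "dmz_net": "10.10.2.0/24",
           "route": ("10.10.1.0/24", "192.168.1.1")}

if __name__ == "__main__":
    for label, a, b in (("broken", BROKEN_A, BROKEN_B), ("fixed", FIXED_A, FIXED_B)):
        print(label, check_site_link(a, b) or "ok")
```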
