Netgate Discussion Forum

    How to get multiple subnets to connect to the internet using nat?

      naota

      I am working on a project where I am setting up a pfSense router that is connected to two layer 3 switches. The pfSense router is a Supermicro 1U rack-mount router with dual gigabit Ethernet NICs, 4 gigs of RAM and a D525 processor running the latest version of pfSense. I would like to hook the LAN to a layer 3 port on a Cisco 3550 switch which is connected to another 3550 switch using a layer 3 port as well. Each switch will have 4 VLANs that are local to the switches, and I plan on having the pfSense router and the 2 switches communicate using OSPF. The DNS and DHCP services will be served by a separate server that is connected to SW1, with each VLAN using an IP helper address to obtain the correct network connection settings.

      I would like to configure the VLAN IPs in the 192.168.x.x range to be able to access the internet through the pfSense router without having to use VLANs or aliases on the pfSense router, as some of the pfSense documentation has suggested.

      So far I am able to get the pfSense router to communicate with the switches and exchange routes correctly using OSPF. However, I am stumped in trying to get the VLANs to access the internet.

      How can I allow the VLANs in the 192.168.x.x networks through the router to the internet and have them NATed correctly? Do I need to add particular firewall rules? Is there a masquerading rules file I have to modify? I am stumped. Any help will be greatly appreciated.

      If I can get this to run successfully, I will be adding an additional NIC to the server so that I can have a network that has some redundancy to the router.

        technical ownage

        If I remember correctly, I had to go through this same thing. I'm pretty certain firewall rule(s) will need to be put in place allowing the subnets to access the internet. It should just be rules connecting the interfaces to the WAN interface. Then again, someone else may have a different solution.

        Programming today is a race between software engineers striving to build bigger and better idiot-proof programs, and the Universe trying to produce bigger and better idiots. So far, the Universe is winning.

        Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.