Routing specific ranges over OPT1



  • My aim is to have internet access on the workstations but to route requests to certain IP ranges over a private intranet (OPT1).

    The range for the intranet is 10.232.*

    WAN is set to DHCP, so there is internet access.

    OPT1 set with an IP of 10.232.10.1/16

    LAN set with 192.168.1.1

    Client machines take an address from the DHCP pool of 192.168.1.100 -> 192.168.1.150

    I would like to have a rule that routes any traffic that has a network destination of 10.232.0.0/16 over the OPT1 link, but under advanced, gateways, I only have the option of WAN.

    What have I done wrong?

    Thanks.


  • LAYER 8 Netgate

    That will happen automatically.

    10.232.0.0/16 and 10.232.10.1/16 are the same network.



  • So should the OPT1 just be a /32?

    I also need to route 10.233.* and 10.122.* over the same interface.


  • LAYER 8 Netgate

    Probably not a /32, no.  A /24 perhaps.  Depends on what you're trying to do.

    You probably need to have a basic understanding of subnetting if you're going to have a prayer at getting this working.



  • OPT1 is just a local subnet to the pfSense.
    You can have client devices on there and pfSense will already know how to route to them.
    Then on OPT1 there can be another router that is the route to 10.233.0.0/16 and 10.122.0.0/16.
    You need to tell pfSense about that router - let's say it is 10.232.10.2 - System->Routing, add a gateway on OPT1 with gateway IP address 10.232.10.2.
    DO NOT edit Interface->OPT1.
    System->Routing, Routes tab, add a static route to 10.233.0.0/16 using the gateway you just created.
    Repeat for each remote subnet.

    Now pfSense knows how to route to those other subnets.

    If you want to allow traffic coming in from those subnets, then add rule/s to OPT1 to allow traffic with source IPs in those subnet/s.
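
The routing decision described in this thread, as an added Python example that is not part of the original posts and is not pfSense code: connected subnets are routed automatically, static routes need an on-link gateway, and the longest matching prefix wins. The LAN /24 mask and the test destinations are assumptions; 10.232.10.2 is the hypothetical router address used in the post above.

```python
import ipaddress

# Interface addresses from the thread. The LAN mask is an assumption (not stated).
INTERFACES = {
    "LAN": ipaddress.ip_interface("192.168.1.1/24"),
    "OPT1": ipaddress.ip_interface("10.232.10.1/16"),
}
# Static routes via the hypothetical router on OPT1 (10.232.10.2).
STATIC_ROUTES = [
    (ipaddress.ip_network("10.233.0.0/16"), "10.232.10.2"),
    (ipaddress.ip_network("10.122.0.0/16"), "10.232.10.2"),
]
DEFAULT_IFACE = "WAN"  # WAN is DHCP; its gateway address is not on the page


def gateway_interface(gateway):
    """Return the interface whose connected subnet contains the gateway, else None."""
    gw = ipaddress.ip_address(gateway)
    for name, iface in INTERFACES.items():
        if gw in iface.network and gw != iface.ip:
            return name
    return None


def build_table():
    """Connected routes plus static routes; reject gateways that are not on-link."""
    table = [(iface.network, name, None) for name, iface in INTERFACES.items()]
    for net, gw in STATIC_ROUTES:
        name = gateway_interface(gw)
        if name is None:
            raise ValueError(f"gateway {gw} is not on a directly connected subnet")
        table.append((net, name, gw))
    return table


def lookup(dest, table):
    """Longest-prefix match: (egress interface, next hop or None when on-link)."""
    addr = ipaddress.ip_address(dest)
    matches = [r for r in table if addr in r[0]]
    if not matches:
        return (DEFAULT_IFACE, "default")
    _net, name, gw = max(matches, key=lambda r: r[0].prefixlen)
    return (name, gw)


if __name__ == "__main__":
    routes = build_table()
    # Constructed sample destinations, one per case.
    for dest in ("10.232.44.7", "10.233.5.9", "10.122.0.20", "203.0.113.5"):
        print(dest, "->", lookup(dest, routes))
```
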



  • Thanks Phil.

