Setting up Gateway

renatohtpc · Feb 21, 2015, 1:08 PM

The journey from IpCop to PFsense still continues…..

Current IPCOP Setup. 4 ethernet cards:

etho = LAN
eth1 = WAN
eth2 = BLUE (i.e. wireless AP)
eth3 = DMZ (Web, SIP etc servers)

eth0 Link encap:Ethernet HWaddr AA:BB:CC:DD:EE:FF
inet addr:192.168.1.1 Bcast:192.168.1.255 Mask:255.255.255.0
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:6023 errors:0 dropped:0 overruns:0 frame:0
TX packets:6591 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:955773 (933.3 KB) TX bytes:4102758 (3.9 MB)

eth1 Link encap:Ethernet HWaddr AA:BB:CC:DD:EE:FG
inet addr:98.XXX.YYY.ZZZ Bcast:98.AAA.BBB.CCC Mask:255.255.255.0
UP BROADCAST NOTRAILERS RUNNING MTU:1500 Metric:1
RX packets:3768 errors:0 dropped:0 overruns:0 frame:0
TX packets:3571 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:2124635 (2.0 MB) TX bytes:807496 (788.5 KB)
Interrupt:27 Base address:0x2200 Memory:feb7f000-feb7f038

eth2 Link encap:Ethernet HWaddr AA:BB:CC:DD:EE:FH
inet addr:192.168.2.1 Bcast:192.168.2.255 Mask:255.255.255.0
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:3946 errors:0 dropped:0 overruns:0 frame:0
TX packets:3623 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:3415030 (3.2 MB) TX bytes:724744 (707.7 KB)
Interrupt:25 Base address:0x2240 Memory:feb7e000-feb7e038

eth3 Link encap:Ethernet HWaddr AA:BB:CC:DD:EE:FI
inet addr:192.168.3.1 Bcast:192.168.3.255 Mask:255.255.255.0
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:2707 errors:0 dropped:0 overruns:0 frame:0
TX packets:2637 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:938878 (916.8 KB) TX bytes:1551496 (1.4 MB)
Interrupt:20 Base address:0x2400

IpCop has a gateway for each network (i.e. 192.168.1.X points to 192.168.1.1. 192.168.2.X points to 192.168.2.2 and lastly 192.168.3.X points to 192.168.3.1)

Currently, the servers on the DMZ network have all fixed IP's and gateway pointing to 192.168.3.1.

What should I set to gateway to in the pfsense configuration?

In other words, the /etc/sysconfig/network-scripts/ifcfg-eth0 for one of the DMZ servers looks as follows:

Broadcom Corporation NetXtreme BCM5703X Gigabit Ethernet

DEVICE=eth0
BOOTPROTO=none
BROADCAST=192.168.3.255
HWADDR=AA:BB:CC:DD:EE:FM
IPADDR=192.168.3.6
NETMASK=255.255.255.0
NETWORK=192.168.3.0
ONBOOT=yes
GATEWAY=192.168.3.1
TYPE=Ethernet

How should I modify it so that it works within a pfsense environment?

Thanks again

Renato

doktornotor · Feb 21, 2015, 1:06 PM

Do NOT set any GWs on LANs. Even written in the GUI.

renatohtpc · Feb 21, 2015, 1:19 PM

doktornotor

Thanks for the reply.

My orange Interface (i.e. the ported DMZ from IpCOp) does have the IPv4 Upstream Gateway set yo "None".

My question was more at the client site. Should I modify the /etc/sysconfig/network-scripts/ifcfg-eth0 on the attached server machine? If so, how?

Current settings:

Broadcom Corporation NetXtreme BCM5703X Gigabit Ethernet

DEVICE=eth0
BOOTPROTO=none
BROADCAST=192.168.3.255
HWADDR=AA:BB:CC:DD:EE:FM
IPADDR=192.168.3.6
NETMASK=255.255.255.0
NETWORK=192.168.3.0
ONBOOT=yes
GATEWAY=192.168.3.1
TYPE=Ethernet

Thanks again
Renato

johnpoz · Feb 21, 2015, 1:24 PM

And what IP did you give pfsense on your interface that client is connected too? Yes pfsense would be your gateway off that segment for clients on that segment..

Looks like you set them up as 1.1, 2.1 and 3.1 – so yeah those would be the gateways off those specific segments for clients on those segments.

renatohtpc · Feb 21, 2015, 1:30 PM

johnpoz

Yes, you are correct, I have created 3 equivalent Interfaces on pfSense,

LAN 192.168.1.1
BLUE 192.168.2.1 and
Orange 192.168.3.1

Thanks for your reply.