Setting up Gateway
-
The journey from IpCop to PFsense still continues…..
Current IPCOP Setup. 4 ethernet cards:
etho = LAN
eth1 = WAN
eth2 = BLUE (i.e. wireless AP)
eth3 = DMZ (Web, SIP etc servers)eth0 Link encap:Ethernet HWaddr AA:BB:CC:DD:EE:FF
inet addr:192.168.1.1 Bcast:192.168.1.255 Mask:255.255.255.0
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:6023 errors:0 dropped:0 overruns:0 frame:0
TX packets:6591 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:955773 (933.3 KB) TX bytes:4102758 (3.9 MB)eth1 Link encap:Ethernet HWaddr AA:BB:CC:DD:EE:FG
inet addr:98.XXX.YYY.ZZZ Bcast:98.AAA.BBB.CCC Mask:255.255.255.0
UP BROADCAST NOTRAILERS RUNNING MTU:1500 Metric:1
RX packets:3768 errors:0 dropped:0 overruns:0 frame:0
TX packets:3571 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:2124635 (2.0 MB) TX bytes:807496 (788.5 KB)
Interrupt:27 Base address:0x2200 Memory:feb7f000-feb7f038eth2 Link encap:Ethernet HWaddr AA:BB:CC:DD:EE:FH
inet addr:192.168.2.1 Bcast:192.168.2.255 Mask:255.255.255.0
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:3946 errors:0 dropped:0 overruns:0 frame:0
TX packets:3623 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:3415030 (3.2 MB) TX bytes:724744 (707.7 KB)
Interrupt:25 Base address:0x2240 Memory:feb7e000-feb7e038eth3 Link encap:Ethernet HWaddr AA:BB:CC:DD:EE:FI
inet addr:192.168.3.1 Bcast:192.168.3.255 Mask:255.255.255.0
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:2707 errors:0 dropped:0 overruns:0 frame:0
TX packets:2637 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:938878 (916.8 KB) TX bytes:1551496 (1.4 MB)
Interrupt:20 Base address:0x2400IpCop has a gateway for each network (i.e. 192.168.1.X points to 192.168.1.1. 192.168.2.X points to 192.168.2.2 and lastly 192.168.3.X points to 192.168.3.1)
Currently, the servers on the DMZ network have all fixed IP's and gateway pointing to 192.168.3.1.
What should I set to gateway to in the pfsense configuration?
In other words, the /etc/sysconfig/network-scripts/ifcfg-eth0 for one of the DMZ servers looks as follows:
Broadcom Corporation NetXtreme BCM5703X Gigabit Ethernet
DEVICE=eth0
BOOTPROTO=none
BROADCAST=192.168.3.255
HWADDR=AA:BB:CC:DD:EE:FM
IPADDR=192.168.3.6
NETMASK=255.255.255.0
NETWORK=192.168.3.0
ONBOOT=yes
GATEWAY=192.168.3.1
TYPE=EthernetHow should I modify it so that it works within a pfsense environment?
Thanks again
Renato
-
Do NOT set any GWs on LANs. Even written in the GUI.
-
doktornotor
Thanks for the reply.
My orange Interface (i.e. the ported DMZ from IpCOp) does have the IPv4 Upstream Gateway set yo "None".
My question was more at the client site. Should I modify the /etc/sysconfig/network-scripts/ifcfg-eth0 on the attached server machine? If so, how?
Current settings:
Broadcom Corporation NetXtreme BCM5703X Gigabit Ethernet
DEVICE=eth0
BOOTPROTO=none
BROADCAST=192.168.3.255
HWADDR=AA:BB:CC:DD:EE:FM
IPADDR=192.168.3.6
NETMASK=255.255.255.0
NETWORK=192.168.3.0
ONBOOT=yes
GATEWAY=192.168.3.1
TYPE=EthernetThanks again
Renato -
And what IP did you give pfsense on your interface that client is connected too? Yes pfsense would be your gateway off that segment for clients on that segment..
Looks like you set them up as 1.1, 2.1 and 3.1 – so yeah those would be the gateways off those specific segments for clients on those segments.
-
johnpoz
Yes, you are correct, I have created 3 equivalent Interfaces on pfSense,
LAN 192.168.1.1
BLUE 192.168.2.1 and
Orange 192.168.3.1Thanks for your reply.
