Setting up two internal networks to communicate via pfSense.



  • Sorry everybody, not a huge networking buff, but I'm replacing a router and I need to combine my 192.168.0 and 192.168.2 networks so that they are capable of reaching each other. I figured that it would be simpler, but I guess I'm overlooking something. I've been trying for about a day now, googling, roaming the forums. Not sure why my networks aren't talking. Can anybody give me an idea of how I would have to configure pfSense via the web interface or even the command line to get these two networks combined and also able to access the internet? Thanks!


  • LAYER 8 Global Moderator

    So are these networks both wired, or is 1 wireless?  Do you have 1 switch or 2, smart/managed?  Are you using VLANs?

    Is one of these networks the WAN of pfSense, the other the LAN?  Both LAN segments?



  • Screencaps of your interface details and firewall rules would be a good start.



  • Thanks for the quick replies! I have all of the ports on the firewall wide open between those two networks and closed to the WAN. I don't have any VLANs as I'm not familiar with them; however, I believe they may have been used before with this client, as I saw some configuration of VLANs on the old router, but it's not functional at this point. I guess I was thinking about possibly just patching the two switches together (all connections are wired) and running everything as one network while keeping the same network schemes and just changing the subnet to /21 so that it includes all of the IPs in question. I'm not too experienced in networking, as I said before, so any direction, even to articles online, would be greatly appreciated! Thanks again!


  • LAYER 8 Global Moderator

    And nothing at all to work with..

    So you have 2 switches, I take it dumb.  How many interfaces does pfSense have?  2 or 3?

    So you have a LAN and opt1 network?  With pfSense having what, 192.168.0.1 on LAN and 192.168.2.1 on opt1?  You seem to understand that you would need a /21 to include 192.168.0.1 to 192.168.2.254, so you have /24 currently.

    So see the attachment.. This is what you have?  And they are not talking?  Did you create any rules on opt1 network?  Can your devices on your 2 segments ping pfSense?  What IPs does pfSense have on your 2 LAN segments..  What is the WAN connected to?  Is this a public IP or another RFC 1918 network?

    How exactly do you have these switches connected to pfSense?  Please post up your firewall rules on your LAN and other opt interface - if you have 1??  I am not sure yet that you do.

    Can you please draw how you have your stuff connected together?  While the LAN has a default any any rule, when you create an opt interface it will have no rules - so you would need to create something.. To start with, any any just like you have on your LAN.. Then you should be good to go.




  • I have the default rule created for opt1 as well. The IP addresses that I've given the interfaces are 192.168.0.110 for the LAN IP and 192.168.2.110 for the opt1 interface. At this point I'm not even using switches, just PCs connected directly. The computer on the 192.168.0.0 network is able to reach the 192.168.2.110 address, but not the IP address of the machine itself by pinging it.


  • LAYER 8 Global Moderator

    And do you have the firewall off on the machine or have set it to allow ping - by default the Windows firewall blocks ping.  Can the 2.x box ping pfSense on 2.110?



  • I can ping the 2.110 address from the 0.0 interface, but not the other way around. Both machines on my network allow me to ping when they're not connected to the pfSense device.


  • LAYER 8 Global Moderator

    0.0 interface, what interface is that?  .0 is normally not a valid host address unless, for example, you were using /23 vs /24.  And it wouldn't be valid in your setup with 192.168.0.?  192.168.0.0 would be the network, not a host address.

    Windows by default blocks pings from networks other than the local network..  So while if machine A was on 192.168.1.14/24 and other machine was at 192.168.1.15/24 they could ping each other, but when you move one to 192.168.2.14/24 then the local firewall would block it.

    How about answering my question.. Can the box on 192.168.2.x ping the pfSense IP at 192.168.2.110?

    Can the 2.x box talk to the internet?  Can you post the ipconfig /all from these 2 machines?
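
The addressing points raised in this thread, as an added example that is not part of any post: a Python check, using the standard `ipaddress` module, of whether a ping between two hosts must be routed through pfSense, whether the target will see the sender as off-subnet, whether a configured address is really a network or broadcast address, and the smallest single subnet that would cover both segments. The host addresses are constructed samples, and treating off-subnet pings as blocked is an assumption taken from the Windows default described in the thread.

```python
import ipaddress


def smallest_common_supernet(n1, n2):
    """Widen n1 one bit at a time until it also contains n2."""
    net = n1
    while not n2.subnet_of(net):
        net = net.supernet()
    return net


def diagnose(src, dst):
    """src and dst are interface configs such as '192.168.0.14/24'."""
    a = ipaddress.ip_interface(src)
    b = ipaddress.ip_interface(dst)

    # An address equal to the network or broadcast address is not a usable host.
    invalid = []
    for iface in (a, b):
        net = iface.network
        if net.prefixlen < 31 and iface.ip in (net.network_address,
                                               net.broadcast_address):
            invalid.append(str(iface.ip))

    return {
        # dst is off-link for src, so packets go to the gateway (pfSense).
        "routed": b.ip not in a.network,
        # dst sees src as a remote network; per the thread, the default
        # Windows firewall drops the echo request in that case (assumption).
        "src_remote_to_dst": a.ip not in b.network,
        "invalid_hosts": invalid,
        "supernet": str(smallest_common_supernet(a.network, b.network)),
    }


if __name__ == "__main__":
    # Constructed sample hosts on the two segments from the thread.
    for pair in (("192.168.0.14/24", "192.168.2.14/24"),
                 ("192.168.0.0/24", "192.168.2.110/24")):
        print(pair, diagnose(*pair))
    # The /21 proposed in the thread also contains both /24 segments.
    wide = ipaddress.ip_network("192.168.0.0/21")
    print(all(ipaddress.ip_network(n).subnet_of(wide)
              for n in ("192.168.0.0/24", "192.168.2.0/24")))
```

When `routed` and `src_remote_to_dst` are both true, a failed ping can come from the host firewall on the target rather than from the pfSense rules, so test against the pfSense interface address on each segment first.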

