Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    NooB Question

    Scheduled Pinned Locked Moved General pfSense Questions
    6 Posts 4 Posters 1.3k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • B Offline
      bigmatlem
      last edited by

      I am new to PfSense and need some help.  I'm migrating from DD-WRT hey laugh all you want I like it.  Anyway I am confused by not being able to route using IPtables.  I have Cox internet with static IP addresses.  Cox gives me a gateway set and another public set behind the gateway which I used vlan to route in dd-wrt.  Here is a small graphic of it…

      Static IP used as gateway address:  123.456.789.012 / 28
                  vlan other public addresses: 210.987.654.321
                  use ip tables to move 210.987.654.321 to 192.168.xxx.xxx addresses

      In PFSENSE do gatway the 123 addresses then input vlan with 210 then manually input the 192 addresses in the firewall?

      1 Reply Last reply Reply Quote 0
      • M Offline
        muswellhillbilly
        last edited by

        @bigmatlem:

        Anyway I am confused by not being able to route using IPtables.

        PfSense doesn't use iptables. Iptables is a scripted system which manipulates the tables within the Linux (not BSD) kernel.
        @bigmatlem:

        In PFSENSE do gatway the 123 addresses then input vlan with 210 then manually input the 192 addresses in the firewall?

        No idea what you're asking here. I think it may have something to do with port-forwarding, but I'd rather not just guess.

        1 Reply Last reply Reply Quote 0
        • B Offline
          bigmatlem
          last edited by

          My question I guess is how do I route the vlan to the private IP addresses.

          1 Reply Last reply Reply Quote 0
          • johnpozJ Offline
            johnpoz LAYER 8 Global Moderator
            last edited by

            So cox routes a network segment to your public..

            "Cox gives me a gateway set and another public set behind the gateway"

            So for example you have 1.2.3.0/30 with 1.2.3.1 being cox gateway and 1.2.3.2 being your wan public IP.  And they gave you say 4.5.6.0/29 which you want to use behind pfsense.

            Well create a interface on pfsense say lan or opt1 and give it 4.5.6.1/29 and then your device in this network/vlan could be 4.5.6.2, .3, .4, etc.. using 4.5.6.1 as their gateway.

            You would make sure pfsense is not natting this - and there you go done deal.

            Or do you want to use this 4.5.6.0/29 on pfsense wan and nat it to a private range of say 192.168.6.0/29 ??  You could do that as well with 1:1 natting.

            An intelligent man is sometimes forced to be drunk to spend time with his fools
            If you get confused: Listen to the Music Play
            Please don't Chat/PM me for help, unless mod related
            SG-4860 25.07 | Lab VMs 2.8, 25.07

            1 Reply Last reply Reply Quote 0
            • B Offline
              bigmatlem
              last edited by

              Thanks guys you got me on track.  I also just bought the book so here we go.  Another notch on my belt.

              1 Reply Last reply Reply Quote 0
              • R Offline
                Ramosel
                last edited by

                It was actually a good question….  But your subject line stunk.

                You'll really find it helpful for you and those that follow when your subject lines have real meaning or at least contextual meaning...  not "NooB Question".  You're "NooB Question" would be a great opening line in the message body.

                I still keep a Linksys e4200 with the latest, tested DD-WRT beta from Seb (physically) sitting at my network entry as a backup for my pfSense box.  Sometimes I throw it online to confirm network issues are in my configuration - It can be a real sanity check.  You'll find pfSense and its packages are so much more powerful but for testing connectivity, DD-WRT just works.

                Rick

                1 Reply Last reply Reply Quote 0
                • First post
                  Last post
                Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.