LAN interfaces that only route to a specific WAN interface



  • As part of a consolidation project, I need to pull two separate pfSense firewalls into a single firewall. But the LANs and WANs from each need to operate separately from each other (i.e. the LANs from FW1 should only route to other LANs from FW1 or out through the WAN from FW1, and the same goes for LANs from FW2). This will allow us to reconfigure all of our web applications one by one.

    Does anyone know the most efficient way to do this?

    FYI, the reason we need to consolidate is because one of the firewalls is having major issues and we don't have the funds to buy a new firewall as a 6 month bandaid.



  • It's pretty straightforward.

    1. Add the new LAN interface and set it up with its own subnet and DHCP server if required.
    2. Add the new WAN interface.
    3. Under firewall rules, set the LAN port to the respective WAN gateway you want it to use.



  • I have a little different scenario. I have 2 WANs and 2 LANs. LAN1 has a different subnet and the second LAN has a different one. My multiple servers are placed on LAN1. I want one WAN to provide the internet to LAN and LAN2, and the second WAN to only provide server access to outside clients. But when I add the second WAN and add a firewall rule and NAT rule, it's not working.
    pahowart, can you please help?

    Thanks



  • Create a firewall for each LAN interface and set the desired gateway (Internet connection) under the advanced section of the firewall rule.



  • @pahowart:

    Create a firewall for each LAN interface and set the desired gateway (Internet connection) under the advanced section of the firewall rule.

    So every rule has to be touched and modified… ouch. Thanks, everyone, for the input.


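An added example, not part of the thread or of pfSense itself: because the gateway has to be set rule by rule, a script like this can audit an exported config.xml for pass rules that were missed, pinned to the wrong WAN, or that let one firewall's LANs reach the other's. The element layout, the interface names (lan, opt1, opt2) and the gateway names (WAN1_GW, WAN2_GW) are assumptions, and the sample config is constructed.

```python
import xml.etree.ElementTree as ET

# Constructed sample in the shape of a pfSense config.xml <filter> section
# (element names are assumed; interface and gateway names are hypothetical).
SAMPLE = """<pfsense><filter>
  <rule><type>pass</type><interface>lan</interface><gateway>WAN1_GW</gateway>
    <destination><any/></destination><descr>FW1 LAN out</descr></rule>
  <rule><type>pass</type><interface>opt1</interface>
    <destination><any/></destination><descr>FW2 LAN out</descr></rule>
  <rule><type>pass</type><interface>opt2</interface><gateway>WAN1_GW</gateway>
    <destination><any/></destination><descr>FW2 DMZ out</descr></rule>
  <rule><type>pass</type><interface>opt1</interface>
    <destination><network>lan</network></destination><descr>FW2 LAN to FW1 LAN</descr></rule>
  <rule><type>block</type><interface>lan</interface>
    <destination><network>opt1</network></destination><descr>FW1 LAN to FW2 LAN</descr></rule>
  <rule><type>pass</type><interface>opt1</interface>
    <destination><network>opt2</network></destination><descr>FW2 LAN to FW2 DMZ</descr></rule>
</filter></pfsense>"""

# Which gateway each LAN-side interface must be pinned to (hypothetical names).
EXPECTED_GW = {"lan": "WAN1_GW", "opt1": "WAN2_GW", "opt2": "WAN2_GW"}

def audit(config_xml, expected_gw):
    """Return (descr, problem) for pass rules that break the LAN/WAN pairing."""
    findings = []
    for rule in ET.fromstring(config_xml).iterfind("./filter/rule"):
        iface = rule.findtext("interface", "")
        if rule.findtext("type") != "pass" or iface not in expected_gw:
            continue
        descr = rule.findtext("descr", "(no description)")
        dest_net = rule.findtext("destination/network")
        if dest_net in expected_gw:
            # LAN-to-LAN rule: allowed only inside the same group, no gateway needed.
            if expected_gw[dest_net] != expected_gw[iface]:
                findings.append((descr, f"crosses groups: {iface} -> {dest_net}"))
            continue
        gw = rule.findtext("gateway")
        if gw is None:
            findings.append((descr, "no gateway set, follows the default route"))
        elif gw != expected_gw[iface]:
            findings.append((descr, f"gateway {gw}, expected {expected_gw[iface]}"))
    return findings

if __name__ == "__main__":
    for descr, problem in audit(SAMPLE, EXPECTED_GW):
        print(f"{descr}: {problem}")
```

The audit does not model rule order, so a flagged pass rule may still be shadowed by an earlier block rule on the same interface.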