Internal interVLAN configuration
I'm completely new to pfSense… I'm writing you because I need some suggestion. I need to configure an extra layer of security on some VLAN with sensitive servers. I wish to filter all the data access to these VLAN with a couple of pfSense servers in CARP.
these 2 pfSense servers should be the default gateways for the protected servers and the other servers and client in the domain.
Right now our core switches are doing the routing between the vlans.
What I wish to know is the following:
- someone is using pfsense for intervlan filtering?
- how should I configure the pfsense? what is the WAN? and the LAN?
- there are some best practices to follow? or some tips and tricks?
- I wish to move the routing in order to point to the pfsense ip. is it correct?
thank you for helping me
So anyone using pfsense with more than one network segment/vlan on it is doing "intervlan" routing between those segments.
If if your going to use pfsense to firewall/router between your networks then it would be the gateway for those networks.
what is your wan now? That would be your wan in pfsense, what are you networks - those would be on the "lan" side of pfsense - as to which one is actually connected to "lan" that would be up to you.. Those are only names on the interfaces.. Lan is no different than any other segment on your local side other than its there out of the box with any any rules on it.. While when you add other interfaces they will not have any rules on them.
thank you for your reply.
For the WAN: right now there is no WAN on these servers. they aren't allowed to go to Internet. Right now the default gateway of these servers is the core switch were all the vlans are pointing as default gateways.
Should I still use this as Default gateway on pfsense? by doing this I don't have any WAN but only a LAN with a default gateway, correct?
thank you a lot