4. Routing with 2 pfsense VMs

Routing with 2 pfsense VMs

  • C

    Hi everyone,

    Long time lurker, first time poster.

    I have a noob question here and hoping ya'll could help me out a bit. So I have a virtualbox deployment with the following VMs.

    2x Windows 8.1 Clients
    2x pfSense VMs

    The setup is as follows:

    1st Win 8.1 Client
    IP: 10.10.10.50
    SN: 255.255.255.0
    GW: 10.10.10.1

    1st pfSense
    WAN: 12.34.56.78
    LAN: 10.10.10.1

    2nd Win 8.1 Client
    IP: 172.16.10.50
    SN: 255.255.255.0
    GW: 172.16.10.1

    2nd pfSense
    WAN: 87.65.43.21
    LAN: 172.16.10.1

    My issue is that i'm trying to replicate two remote offices but I cannot ping either IPs on the WAN side of the pfSense routers. I have configured the Routes giving the IP address of the WAN for either side of the pfSense routes.

    I've attached a diagram of what I have in my lab.

    Please let me know if you need more info.

    Thanks in advance for all of your great help!

    -Shawn


    0
  • Netgate

    Are they real WAN IP addresses with real ISP service on both or is it just a lab?

    If the former, check that your WAN firewall rules pass the traffic you're trying to pass (like ICMP if you want to ping.)

    If the latter you are going to need a third router. One that has both WAN subnets on interfaces and freely routes between them. It would be taking the place of "The Internet." I'd be inclined to use a layer 3 switch for it, but another pfSense instance would do fine too if you wanted to keep it all in the virtual environment. Both existing pfSense instances would have the appropriate interface on the third pfSense as its default gateway.

    0
  • C

    Thanks Derelict!

    Yes this is 100% lab environment. I will put in place what you have outlined below and let you know my outcome.

    0
  • C

    Alright, so everything went well yesterday, but I have one more question.

    The new pfSense vm I built it with the 10.x.x.x network for both WAN and LAN and put the two original pfSense vms on the same network 10.x.x.x for WAN, I kept my LAN on the original 172.16 and 10.10 respectively. Now my question is what if I wanted to replicate a real world scenario where the WAN parts of the vms are all different just like in the real world how could I have Site A talk to Site B when they have different WAN IPs?

    Thanks

    Shawn

    0
  • Netgate

    If the latter you are going to need a third router. One that has both WAN subnets on interfaces and freely routes between them. It would be taking the place of "The Internet."

    0
 

Products

Applications

Support

Services

News

Resources

Company

Our Mission

As host of the pfSense open source firewall project, Netgate believes in enhancing network connectivity that maintains both security and privacy. We also believe everyone should be able to afford it.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive for past announcements.

© Copyright 2002 - 2018 Rubicon Communications, LLC | Privacy Policy