Routing with 2 pfsense VMs
-
Hi everyone,
Long time lurker, first time poster.
I have a noob question here and hoping ya'll could help me out a bit. So I have a virtualbox deployment with the following VMs.
2x Windows 8.1 Clients
2x pfSense VMsThe setup is as follows:
1st Win 8.1 Client
IP: 10.10.10.50
SN: 255.255.255.0
GW: 10.10.10.11st pfSense
WAN: 12.34.56.78
LAN: 10.10.10.12nd Win 8.1 Client
IP: 172.16.10.50
SN: 255.255.255.0
GW: 172.16.10.12nd pfSense
WAN: 87.65.43.21
LAN: 172.16.10.1My issue is that i'm trying to replicate two remote offices but I cannot ping either IPs on the WAN side of the pfSense routers. I have configured the Routes giving the IP address of the WAN for either side of the pfSense routes.
I've attached a diagram of what I have in my lab.
Please let me know if you need more info.
Thanks in advance for all of your great help!
-Shawn
-
Are they real WAN IP addresses with real ISP service on both or is it just a lab?
If the former, check that your WAN firewall rules pass the traffic you're trying to pass (like ICMP if you want to ping.)
If the latter you are going to need a third router. One that has both WAN subnets on interfaces and freely routes between them. It would be taking the place of "The Internet." I'd be inclined to use a layer 3 switch for it, but another pfSense instance would do fine too if you wanted to keep it all in the virtual environment. Both existing pfSense instances would have the appropriate interface on the third pfSense as its default gateway.
-
Thanks Derelict!
Yes this is 100% lab environment. I will put in place what you have outlined below and let you know my outcome.
-
Alright, so everything went well yesterday, but I have one more question.
The new pfSense vm I built it with the 10.x.x.x network for both WAN and LAN and put the two original pfSense vms on the same network 10.x.x.x for WAN, I kept my LAN on the original 172.16 and 10.10 respectively. Now my question is what if I wanted to replicate a real world scenario where the WAN parts of the vms are all different just like in the real world how could I have Site A talk to Site B when they have different WAN IPs?
Thanks
Shawn
-
If the latter you are going to need a third router. One that has both WAN subnets on interfaces and freely routes between them. It would be taking the place of "The Internet."
