[pfSense Support] Multiple WANs on a Single Bridge
Hi Everyone, I have been trying to figure out how to setup multiple wan networks on a single bridge. For instance: 111.111.111.111/25 - em0/bridge0/opt1 - internal servers 222.222.222.222/25 - em0/bridge0/opt1 - internal servers I see a way to add a virtual IP in the Firewall section, but not to add a VIP to the em0 Interface. I have em0 bridged with em1 and my bridge is setup with allowing certain ports through to internal servers, each server has an external IP so I have to use bridged mode, not NATing. Any help would be much appreciated. Thanks Joe -- This message has been scanned for viruses by Colocube's AV Scanner - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org
Re: [pfSense Support] Multiple WANs on a Single Bridge
On Thu, Jun 25, 2009 at 3:43 PM, Joseph Hardemanjharde...@colocube.com wrote: Hi Everyone, I have been trying to figure out how to setup multiple wan networks on a single bridge. For instance: 111.111.111.111/25 - em0/bridge0/opt1 - internal servers 222.222.222.222/25 - em0/bridge0/opt1 - internal servers Nothing to it, if what you really need is a bridge. If the gateway IP is outside the firewall, it's no different to use two subnets than it is one. If the gateway IP isn't outside the firewall, you don't need bridging, you need a routed public IP subnet on an OPT interface. - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org
Re: [pfSense Support] Multiple WANs on a Single Bridge
Chris, Thanks for your reply, I found this out earlier today. Yes, all of the gateways are outside of the firewall so when I changed the IP on my laptop after getting the firewall upgraded it was able to get out with no problem. Again, thank you for your reply. I appreciate it. Joe Chris Buechler wrote: On Thu, Jun 25, 2009 at 3:43 PM, Joseph Hardemanjharde...@colocube.com wrote: Hi Everyone, I have been trying to figure out how to setup multiple wan networks on a single bridge. For instance: 111.111.111.111/25 - em0/bridge0/opt1 - internal servers 222.222.222.222/25 - em0/bridge0/opt1 - internal servers Nothing to it, if what you really need is a bridge. If the gateway IP is outside the firewall, it's no different to use two subnets than it is one. If the gateway IP isn't outside the firewall, you don't need bridging, you need a routed public IP subnet on an OPT interface. - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org -- This message has been scanned for viruses by Colocube's AV Scanner
[pfSense Support] Multiple WANs in same subnet
Greetings list, Another slightly unusual network setup I'd be really grateful for some advice with: ISP has provided 2 DSL connections with the same routed subnet - but not bonded (routers on a.b.c.1 and a.b.c.2). Is it possible to load balance between the 2 default gateways (.1 and .2) with only 2 interfaces, i.e. LAN and WAN ? Thanks in advance. Regards, Chris -- C.M. Bagnall, Director, Minotaur I.T. Limited For full contact details visit http://www.minotaur.it This email is made from 100% recycled electrons - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [pfSense Support] Multiple WANs
You do not need Advanced Outbound NAT. In your firewall rules , on the LAN interface change the default rule so that the gateway is your pool. This will load balance your traffic. Take a look at http://doc.pfsense.org/index.php/Multi-Wan/Load-Balancing - this is a recently updated doc and will help. sai On 7/5/07, William Smith [EMAIL PROTECTED] wrote: Hi, I have 3 WANS. Each has a static ip assigned by the ISP based on login. I have the router/modems set to login and give each of my WAN interfaces an IP. 192.168.2.10, 192.168.1.10 and 192.168.0.10. (I also DMZed those IPs in the router/modems so that I can do NAT with pfsense) I setup a pool in load balancer to point to the ips of the router/modems, 192.168.2.1, 192.168.1.1 and 192.168.0.1. These show up as online in the load balace status. Now this is where I am stuck. I enable advanced outbound nat, and at this point I need some definitive instruction. I have read the load balace pdf but I must be missing something. I know I need rules but I am totally confused. Thanks in advance for any help or pointers. Oh, in addition my LAN is 10.20.100.0/24 and as long as I leave advanced outbound nat off, I get traffic through one of the WANS. And by the way, we could never afford the appliance to do this, pfsense is great for non profit orgs like our library, keep up the EXCELLENT work. This thing is awsome. Best Regards, Bill [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
[pfSense Support] Multiple WANs
Hi, I have 3 WANS. Each has a static ip assigned by the ISP based on login. I have the router/modems set to login and give each of my WAN interfaces an IP. 192.168.2.10, 192.168.1.10 and 192.168.0.10. (I also DMZed those IPs in the router/modems so that I can do NAT with pfsense) I setup a pool in load balancer to point to the ips of the router/modems, 192.168.2.1, 192.168.1.1 and 192.168.0.1. These show up as online in the load balace status. Now this is where I am stuck. I enable advanced outbound nat, and at this point I need some definitive instruction. I have read the load balace pdf but I must be missing something. I know I need rules but I am totally confused. Thanks in advance for any help or pointers. Oh, in addition my LAN is 10.20.100.0/24 and as long as I leave advanced outbound nat off, I get traffic through one of the WANS. And by the way, we could never afford the appliance to do this, pfsense is great for non profit orgs like our library, keep up the EXCELLENT work. This thing is awsome. Best Regards, Bill [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
[pfSense Support] Multiple WANs, different routes but not fail over?
Hi guys Just recently subscribed (today). I'm from South Africa and I have a situation where the local DSL is not that reliable so we need to install a diginet leased line as well. The leased line will have a static IP address whilst the DSL will connect via PPPoE and have a dynamic IP address. Question is, can I use the leased line (static IP) and create a route for all incoming and outgoing email and then redirect this traffic to an internal mail server (sendmail). All other non critical traffic like 80, 443, 21, etc will be accessed via the DSL line. Is this scenario possible and what would the default gateway be? I'm guessing the DSL link? So not a fail over rather a multiple WAN link set-up. Thanks in advance. Cheers Hilton begin:vcard fn:H I L T O N R A L P H S n:Ralphs;Hilton email;internet:[EMAIL PROTECTED] tel;work:+2711-326-0018 tel;fax:+2711-886-0882 tel;cell:+2782-572-9619 x-mozilla-html:FALSE version:2.1 end:vcard - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
AW: [pfSense Support] Multiple WANs, different routes but not fail over?
You are talking about policy based routing. pfSense can do this kind of routing. Configure the WAN interface with the PPPoE-settings and one of your OPTx interfaces with the static settings of the other line. Don't forget to enter the gateway there. Then check out your firewall rules at you LAN interface. Create pass rules adressing the traffic you were speaking about. At the bottom of each rule page you find a setting called gateway. Select the desired gateway for that kind of traffic and you are done. Holger -Ursprüngliche Nachricht- Von: H I L T O N R A L P H S [mailto:[EMAIL PROTECTED] Gesendet: Dienstag, 31. Januar 2006 14:49 An: support@pfsense.com Betreff: [pfSense Support] Multiple WANs, different routes but not fail over? Hi guys Just recently subscribed (today). I'm from South Africa and I have a situation where the local DSL is not that reliable so we need to install a diginet leased line as well. The leased line will have a static IP address whilst the DSL will connect via PPPoE and have a dynamic IP address. Question is, can I use the leased line (static IP) and create a route for all incoming and outgoing email and then redirect this traffic to an internal mail server (sendmail). All other non critical traffic like 80, 443, 21, etc will be accessed via the DSL line. Is this scenario possible and what would the default gateway be? I'm guessing the DSL link? So not a fail over rather a multiple WAN link set-up. Thanks in advance. Cheers Hilton Virus checked by G DATA AntiVirusKit - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: AW: [pfSense Support] Multiple WANs, different routes but not fail over?
Holger Bauer wrote: You are talking about policy based routing. pfSense can do this kind of routing. Configure the WAN interface with the PPPoE-settings and one of your OPTx interfaces with the static settings of the other line. Don't forget to enter the gateway there. Then check out your firewall rules at you LAN interface. Create pass rules adressing the traffic you were speaking about. At the bottom of each rule page you find a setting called gateway. Select the desired gateway for that kind of traffic and you are done. Holger Wow, this sounds good to me. Thanks for that Holger, I'll try it out. Cheers Hilton begin:vcard fn:H I L T O N R A L P H S n:Ralphs;Hilton email;internet:[EMAIL PROTECTED] tel;work:+2711-326-0018 tel;fax:+2711-886-0882 tel;cell:+2782-572-9619 x-mozilla-html:FALSE version:2.1 end:vcard - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: AW: [pfSense Support] Multiple WANs
Holger Bauer wrote: using the same gateway for both wans won't work as you can't specify rules for this I think. the rules are applied to a gateway and with both gateways the same... :-/ you might have to come up with a workaround like having a nated router in front of one connection to use this as gateway on one wan and put the pfsense in the dmz of this router. I'm trying to avoid needing more then one router, if I go that route then I don't need multiple interfaces in pfSense at all :) That being said, I might be able to force a different gateway -- I'll do a bit of experimenting. Thanks! -- There are two times when a man doesn't understand a woman before marriage and after marriage. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [pfSense Support] Multiple WANs
Technically, we do put the interface in the rule when it's created. But I can guarantee we'll only snag the first one. So, while you can enter the same IP multiple times in a pool (artificially creating a ratio based round robin) I'd be willing to bet that we don't correctly support this on one device. --BillOn 9/5/05, Scott Ullrich [EMAIL PROTECTED] wrote: On 9/5/05, Holger Bauer [EMAIL PROTECTED] wrote: using the same gateway for both wans won't work as you can't specify rules for this I think. the rules are applied to a gateway and with both gateways the same... :-/ you might have to come up with a workaround like having a nated router in front of one connection to use this as gateway on one wan and put the pfsense in the dmz of this router.You *possibly* could create a load balancing pool with 1 device in it.Select this as your gateway from the rules. Again, haven't testedthis so I'm not sure if it will work or not.Scott -To unsubscribe, e-mail: [EMAIL PROTECTED]For additional commands, e-mail: [EMAIL PROTECTED]
Re: [pfSense Support] Multiple WANs
On 9/5/05, Dave Warren [EMAIL PROTECTED] wrote: Quick question -- I'm looking at pfSense, and wondering if it's possible to use two WAN interfaces which receive their IPs via DHCP, and also if it's a problem if they share default gateways? Long story short, I have two connections to the same ISP and would like to direct some traffic to one, and some traffic to the other. Can I do this? Yes, DHCP on multi-wan is supported. Scott - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [pfSense Support] Multiple WANs
On 9/5/05, Holger Bauer [EMAIL PROTECTED] wrote: using the same gateway for both wans won't work as you can't specify rules for this I think. the rules are applied to a gateway and with both gateways the same... :-/ you might have to come up with a workaround like having a nated router in front of one connection to use this as gateway on one wan and put the pfsense in the dmz of this router. You *possibly* could create a load balancing pool with 1 device in it. Select this as your gateway from the rules. Again, haven't tested this so I'm not sure if it will work or not. Scott - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
