On 2011-11-29 11:53, David Burgess wrote:
On Tue, Nov 29, 2011 at 9:27 AM, Ugo Bellavance<u...@lubik.ca> wrote:
I attached a diagram of what I would like to achieve.
You can achieve that without NAT. Simply set up pfsense with two
interfaces, addressed 172.30.100.254/24 and 192.168.99.4/24
respectively. Now, depending on whether you want to do any firewalling
between these two networks, you have two options:
A (with firewalling). Create a PASS rule on each interface permitting
the traffic that you want to permit through to the other network. Turn
off Automatic Outbound NAT and delete all of the automatically created
rules.
B (no firewalling). Go to System: Advanced: Firewall and NAT and check
the option "Disable all packet filtering".
In either case, the hosts on both networks will need a static route to
the other network (assuming pfsense is not their default route, ie,
they have internet through another router).
db
I know, but we didn't want to do any routing because subnets may change
and overlap in the future, since this is two distinct organizations.
Ugo
_______________________________________________
List mailing list
List@lists.pfsense.org
http://lists.pfsense.org/mailman/listinfo/list
