On the pfSense firewall? Nothing. You need to change your routers.
Ideally, your MPLS routers are using BGP. Then on the site 1 router under the
BGP section you can tell it to advertise the 0.0.0.0 route by adding "network
0.0.0.0" and make sure you have a static route on that router for 0.0.0.0 to
the firewall. Site 2 should then use the MPLS router as their default gateway
instead of the firewall. As an added bonus you can have site 2 failover to
their local internet when the MPLS is down by adding a lower metric (255)
default route that will kick in when the BGP advertised route disappears when
the MPLS goes down.
----- Reply message -----
From: "faisal.gill...@akesp.org" <faisal.gill...@akesp.org>
To: "dragonator" <dragona...@sleepydragon.net>, <list@lists.pfsense.org>
Subject: [pfSense]Gateway on a gateway...
Date: Fri, May 16, 2014 11:27 PM
When i try to do this .. Pfsense gives me error that firewall is not local to
my subnet which is ..
172.16.1.16 on subnet 255.255.248.0
Branch router is on 172.16.11.0/24 which connects to firewall subnet via MPLS
provider router i.e 10.152.8.117/30
So what to do ?
Regards
Sent from my HTC
----- Reply message -----
From: "dragonator" <dragona...@sleepydragon.net>
To: <faisal.gill...@akesp.org>, <list@lists.pfsense.org>
Subject: [pfSense] Gateway on a gateway...
Date: Sat, May 17, 2014 12:51 AM
Change route on the site 2 gateway to route all traffic to that firewall.
Sent via the Samsung Galaxy S™ III, an AT&T 4G LTE smartphone
-------- Original message --------
From: faisal.gill...@akesp.org
Date: 05/15/2014 19:39 (GMT-05:00)
To: pfSense Support and Discussion Mailing List <list@lists.pfsense.org>
Subject: [pfSense] Gateway on a gateway...
II have two networks connected together with an MPLS network all the clients on
both networks can access each other.
Site 1( 172.16.0.0/21) has a packet filtering multi WAN firewall (172.16.1.16)
on its local subnet which local clients connect to use internet.
Site 2 (172.16.11.0/24) clients connects to local router (172.16.11.17) which
routes all site 1 destend traffic to site 1 router (172.16.0.17). all site 2
clients have the ip of site 2 router which is (172.16.11.17) in their default
gateway.Now i want clients on site 2 to use my packet filtering firewall
(172.16.1.16) for their internet needs so how do i define this which out
breaking the already communication
can anyone guide me in this ?
Sent from my HTC
_______________________________________________
List mailing list
List@lists.pfsense.org
https://lists.pfsense.org/mailman/listinfo/list
_______________________________________________
List mailing list
List@lists.pfsense.org
https://lists.pfsense.org/mailman/listinfo/list
