pfSense question

bigted

[H]ard|DCer of the Month - Oct. 2013
Joined
Jan 20, 2006
Messages
3,334
hey there everyone.

i am trying to set up a 'test' pfsense box to play around with, i am setting it up on actual hardware (not vm) and have a WAN address of 192.168.1.245. my LAN on the box is set up with gateway 192.168.10.1.

i am trying to make it so the 192.168.1.0 network can see/communicate with the 192.168.10.0 network through the WAN port. i haven't tried much as this is the first time i've use pfsense and haven't really dug into it much.

end game i was wanting for this setup is to limit the upload speed of the 192.168.10.0 subnet (which i have figured out).

thanks in advance for any help :)
 

JohnYYC

Weaksauce
Joined
Mar 9, 2011
Messages
71
Sounds like all you may need is a "allow all" rule on the WAN rules table to allow the 192.168.1.0/24(assuming you are using /24) subnet through.
 

memphis_1220

Limp Gawd
Joined
Aug 28, 2004
Messages
499
PfSense is a firewall out of the box. If you want to route between these two networks only I think what you are after is to disable NAT. Otherwise these two networks will be NAT'ed through 1.245. This can be done through System->Advanced I if memory serves.
 

/usr/home

Supreme [H]ardness
Joined
Mar 18, 2008
Messages
6,161
It should do this by default. Check your firewall rules, allow all in both directions.
 

Tytalus

Supreme [H]ardness
Joined
Nov 1, 2006
Messages
4,257
hey there everyone.

i am trying to set up a 'test' pfsense box to play around with, i am setting it up on actual hardware (not vm) and have a WAN address of 192.168.1.245. my LAN on the box is set up with gateway 192.168.10.1.

i am trying to make it so the 192.168.1.0 network can see/communicate with the 192.168.10.0 network through the WAN port. i haven't tried much as this is the first time i've use pfsense and haven't really dug into it much.

end game i was wanting for this setup is to limit the upload speed of the 192.168.10.0 subnet (which i have figured out).

thanks in advance for any help :)

It's possible you're adding the extra pain in this process to learn more about routing, but it probably isn't necessary in this case.

If you have three NICs you could do supernetting instead, which would solve this problem (and provide additional flexibility in the process.) It's what I do with my pfSense box--I have an IP address range that's DHCP that is usable by folks who attend LAN parties in my basement. I have a switch/rack setup that runs wire to the RJ45 outlets in my house and those are all wired on the second NIC, provisioned by DHCP on a separate IP range. I used supernetting so I'm using /23 (or maybe /22 now, can't remember) so these networks can route between each other. The pfSense router has rules in place to rate limit uploads/downloads on the LAN IP address range only.
 

bigted

[H]ard|DCer of the Month - Oct. 2013
Joined
Jan 20, 2006
Messages
3,334
i was trying to do too much, i disabled the dhcp server for the 10.0 network, set that interface to get static IP from original 1.0 network, bridged the WAN and LAN and now everything is happy, and my rule for limiting bandwidth is in place, oh joyous days :)
 
Top