Return to Level1Techs.com

pFsense : static route


#1

Dear All,

I am facing to an issue and there is many ways to figure it but need some lights.

We have :

  • 1x PROXMOX server with VM, LACP
  • 1x HPE V1910-48G - WAN and PROXMOX Connection
  • 3x pFsense on VM.
    • PF1
      • WAN connection (5x PUBLIC IP)
      • NAT 1:1
      • LAN 1, 2, 3 To connect to PF2, PF3 (Static Route)
    • PF2
      • WAN connected to PF1 and get PUBLIC IP ADDRESS
      • LAN2 with Subnet
      • ACME Certificate
      • DMZ 2
    • PF3
      • WAN connected to PF1 and get PUBLIC IP ADDRESS
      • LAN3 with Subnet
      • ACME Certificate
      • DMZ 3

Question :

I need to access from subnet LAN2 servers to subnet LAN3 and vice-versa
I need to access from outside to my servers on LAN2 and/OR LAN3 through proxy (https)
I neet to access my DMZ2 and DMZ3 outside
I need to access by openvpn on any subnet of LAN2 and/or LAN3

It will be great if you could highlight me the correct architecture to take.

Best Regards,
Youssef


#2

Do you mean like ‘Three’ PFSense Virtual Machines?

Also, what does ‘PF1, PF2, PF3’ represent here?


#3

Looks like 3 pfSense VMs designated PF1 PF2 PF3 (PF for pfSense I imagine).


#4

Can you draw a diagram to help show the connections you are describing?


#5

Strange, why run separate pfsense instances?

Check this out: https://serverfault.com/questions/760204/pfsense-routing-packets-based-on-source-ip-address