
I have a pfSense box that I'm trying to plan the configuration for. I am going to be load balancing two ISPs, each with their own /29 static IP subnet. The question I have is in relation to the way those IPs are associated with workstations on the local network.

Currently I have some workstations with local (192.168.1.0/29) IP addresses, and other more complicated workstation setups have their own public IP address. Some of the more complicated systems have a NAT 1:1 configuration where I forward a public IP address to a local IP address. Others however are directly on the ISP subnet and cannot be seen on our local network.

Is this configuration possible with pfSense? If so, what terms should I be looking through the documentation for?

Here is a simple/brief diagram of what I am trying to achieve.

[Image: Network Diagram]

dannymcc
  • Just to clarify, do workstations 1 & 3 need connectivity with your private LAN subnet as well? This may be easiest with 3 "LAN" type connections coming off the bottom of your pfSense in your diagram. – Goyuix Dec 06 '12 at 17:11
  • No, workstations 1 & 3 only need connectivity to the ISP. – dannymcc Dec 07 '12 at 11:13
  • If I had 3 LAN connections from the pfSense, would I then have three VLANs on switches if I needed each subnet on multiple computers? – dannymcc Dec 07 '12 at 11:14

1 Answer


Yes - I believe this configuration is possible, though I would have at least 5 network adapters on the pfSense router if possible: 2 for the WAN links, and one for each of the workstation networks (3). You would also want to have separate switches or VLANs for each of the LAN-like subnets to keep the traffic on the correct subnets.

One of the trickiest parts will be ensuring you have the correct firewall rules in place on each interface to ensure traffic is allowed to the proper destinations: For example, you may want to allow traffic out to any address from workstation 1 except for the private 192.168.1.0/24 subnet.

Goyuix
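The per-interface rule ordering mentioned in the answer can be checked before it is entered in the GUI. This is an added example, not part of the original answer or pfSense's own code: it models first-match evaluation on the interface where traffic enters, with an implicit default deny, and flags a block rule that an earlier pass rule makes unreachable. The interface names `WS1` and `WS3` and both rule lists are constructed; only 192.168.1.0/24 comes from the answer.

```python
import ipaddress

# Private LAN subnet named in the answer above.
PRIVATE_LAN = ipaddress.ip_network("192.168.1.0/24")
ANY = ipaddress.ip_network("0.0.0.0/0")

# Constructed rule sets keyed by hypothetical interface name.
# Each rule is (action, destination network), listed top to bottom.
RULES = {
    "WS1": [  # block-before-pass: the order the answer implies
        ("block", PRIVATE_LAN),
        ("pass", ANY),
    ],
    "WS3": [  # misordered: the pass-any rule shadows the block
        ("pass", ANY),
        ("block", PRIVATE_LAN),
    ],
}


def evaluate(interface, dst):
    """Return the action of the first rule matching dst (default deny)."""
    addr = ipaddress.ip_address(dst)
    for action, net in RULES.get(interface, []):
        if addr in net:
            return action
    return "block"


def shadowed_blocks(interface):
    """Return block rules that can never match because an earlier
    pass rule on the same interface already covers their destination."""
    rules = RULES[interface]
    shadowed = []
    for i, (action, net) in enumerate(rules):
        if action != "block":
            continue
        if any(a == "pass" and net.subnet_of(n) for a, n in rules[:i]):
            shadowed.append(net)
    return shadowed


if __name__ == "__main__":
    for iface in RULES:
        print(iface, "-> LAN host:", evaluate(iface, "192.168.1.10"),
              "| shadowed blocks:", shadowed_blocks(iface))
```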