Re: [pfSense Support] Multiple Subnets From ISP Same Interface
On Mon, Aug 17, 2009 at 5:33 PM, Jesse Vollmarvollm...@gmail.com wrote: Hey guys, after googling this for a while, I'm not finding any clear instructions for doing this. I currently have a multi-wan scenario with failover configured. I just purchased another static IP block from one of the ISPs and they are now routing those to me (so they say). I would like to use this new subnet in concurrence with my old subnet, both on the same interface (OPT1). The subnets do not share the same gateway. What is the proper way to configure this? Depends on exactly how they're routing them to you, and how you want to use them. If you want to use them with NAT, and you aren't using CARP, just add them as Other VIPs. IPs that are routed to you do not need ARP. If you're using CARP, add them as Other VIPs and make sure the ISP is routing that new subnet to a CARP VIP. If you want to directly assign the public IPs on inside systems, add another interface for the new subnet, whether physical or VLAN (this has nothing to do with the ISP, it's your internal network). Alternatively you can put both subnets on the same inside interface, but I would avoid that. http://doc.pfsense.org/multiple-subnets-one-interface-pfsense.pdf - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org
Re: [pfSense Support] Multiple Subnets From ISP Same Interface
On Tue, Aug 18, 2009 at 1:52 AM, Chris Buechlerc...@pfsense.org wrote: On Mon, Aug 17, 2009 at 5:33 PM, Jesse Vollmarvollm...@gmail.com wrote: Hey guys, after googling this for a while, I'm not finding any clear instructions for doing this. I currently have a multi-wan scenario with failover configured. I just purchased another static IP block from one of the ISPs and they are now routing those to me (so they say). I would like to use this new subnet in concurrence with my old subnet, both on the same interface (OPT1). The subnets do not share the same gateway. What is the proper way to configure this? Depends on exactly how they're routing them to you, and how you want to use them. If you want to use them with NAT, and you aren't using CARP, just add them as Other VIPs. IPs that are routed to you do not need ARP. If you're using CARP, add them as Other VIPs and make sure the ISP is routing that new subnet to a CARP VIP. If you want to directly assign the public IPs on inside systems, add another interface for the new subnet, whether physical or VLAN (this has nothing to do with the ISP, it's your internal network). Alternatively you can put both subnets on the same inside interface, but I would avoid that. http://doc.pfsense.org/multiple-subnets-one-interface-pfsense.pdf - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org So, in a way I was right...sometimes I get nervous speaking in English. -- Linux User #452368 http://twitter.com/vpadro Manifiesto por una cultura libre: http://culturalibre.org/ Doing a thing well is often a waste of time. - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org
Re: [pfSense Support] Multiple Subnets From ISP Same Interface
Depends on exactly how they're routing them to you, and how you want to use them. If you want to use them with NAT, and you aren't using CARP, just add them as Other VIPs. IPs that are routed to you do not need ARP. If you're using CARP, add them as Other VIPs and make sure the ISP is routing that new subnet to a CARP VIP. If you want to directly assign the public IPs on inside systems, add another interface for the new subnet, whether physical or VLAN (this has nothing to do with the ISP, it's your internal network). Alternatively you can put both subnets on the same inside interface, but I would avoid that. http://doc.pfsense.org/multiple-subnets-one-interface-pfsense.pdf - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org I'm not using CARP and I would like to use them with NAT. According to that, your reccomendation would be to use other VIPs. My only question is, will they route properly since the ISP has this new subnet using a different gateway address than the first subnet. On my interface the gateway is defined, but it isn't be the gateway for my new VIPs. I think they would need a different route. This makes me think that I either have to add another interface, or do multiple subnets on the same interface. Am I right? Thanks for the help everyone!
Re: [pfSense Support] Multiple Subnets From ISP Same Interface
On Tue, Aug 18, 2009 at 8:59 AM, Jesse Vollmarvollm...@gmail.com wrote: I'm not using CARP and I would like to use them with NAT. According to that, your reccomendation would be to use other VIPs. My only question is, will they route properly since the ISP has this new subnet using a different gateway address than the first subnet. Is it really a gateway address, i.e. they have it assigned on their router, or are they actually routing you the entire IP block? Ideally it will be the latter, they can and should be routing additional space to one of your existing addresses. Then you can setup the full subnet on an internal interface or VLAN without any ARP, or use it in combination with NAT using Other VIPs. If they insist on having the gateway IP on their equipment (they shouldn't, I would refuse that if it were my ISP), you're probably stuck bridging an internal interface or VLAN to WAN, though proxy ARP might work depending on how they have things setup. - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org
Re: [pfSense Support] Multiple Subnets From ISP Same Interface
On Tue, Aug 18, 2009 at 8:39 PM, Chris Buechler c...@pfsense.org wrote: Is it really a gateway address, i.e. they have it assigned on their router, or are they actually routing you the entire IP block? Ideally it will be the latter, they can and should be routing additional space to one of your existing addresses. Then you can setup the full subnet on an internal interface or VLAN without any ARP, or use it in combination with NAT using Other VIPs. If they insist on having the gateway IP on their equipment (they shouldn't, I would refuse that if it were my ISP), you're probably stuck bridging an internal interface or VLAN to WAN, though proxy ARP might work depending on how they have things setup. - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org Part of the problem is that I am not exactly sure how they are delivering the IPs. The ISP is Charter. I purchased from them a static 5 pack which is a /29 routed subnet according to them. Here is what they sent me (I replaced the actual numbers): Ok got the 5pack on the router: IP 66.188.xx.b to .c *Subnet 255.255.255.248 Gateway 66.188.xx.a* I am going to ask that technician about it tomorrow and see what exactly he configured. Just to recap though, that IP info above doesn't line up with the ranges from my other subnet. The info for the other subnet has a different Gateway address than that one.
Re: [pfSense Support] Multiple Subnets From ISP Same Interface
On Tue, Aug 18, 2009 at 10:08 PM, Jesse Vollmarvollm...@gmail.com wrote: Part of the problem is that I am not exactly sure how they are delivering the IPs. The ISP is Charter. I purchased from them a static 5 pack which is a /29 routed subnet according to them. Here is what they sent me (I replaced the actual numbers): Ok got the 5pack on the router: IP 66.188.xx.b to .c Subnet 255.255.255.248 Gateway 66.188.xx.a I am going to ask that technician about it tomorrow and see what exactly he configured. Just to recap though, that IP info above doesn't line up with the ranges from my other subnet. The info for the other subnet has a different Gateway address than that one. On cable you may be stuck with no other option than NAT or bridging, cable ISPs tend to be much less flexible with routing. Proxy ARP + NAT should work, you can disregard the gateway in that case assuming it's an IP alias on your current WAN gateway. If you bridge, you're going to need extra routing setup to get from the public IP hosts on the bridge to the other networks behind the firewall, since Charter isn't going to route your internal networks back to your firewall and your gateway is going to be that IP on your cable modem. - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org
Re: [pfSense Support] Multiple Subnets From ISP Same Interface
On cable you may be stuck with no other option than NAT or bridging, cable ISPs tend to be much less flexible with routing. Proxy ARP + NAT should work, you can disregard the gateway in that case assuming it's an IP alias on your current WAN gateway. If you bridge, you're going to need extra routing setup to get from the public IP hosts on the bridge to the other networks behind the firewall, since Charter isn't going to route your internal networks back to your firewall and your gateway is going to be that IP on your cable modem. - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org NAT is fine with me, but that gateway isn't a VIP on my WAN. Are you saying that I would need to add it?
Re: [pfSense Support] Multiple Subnets From ISP Same Interface
On Tue, Aug 18, 2009 at 10:39 PM, Jesse Vollmarvollm...@gmail.com wrote: NAT is fine with me, but that gateway isn't a VIP on my WAN. Are you saying that I would need to add it? Ignore the gateway, you just need proxy ARP VIPs for the usable IPs. The gateway is just an alias on your cable modem, same as your WAN gateway, so you don't need it. - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org
Re: [pfSense Support] Multiple Subnets From ISP Same Interface
On Mon, Aug 17, 2009 at 4:33 PM, Jesse Vollmarvollm...@gmail.com wrote: Hey guys, after googling this for a while, I'm not finding any clear instructions for doing this. I currently have a multi-wan scenario with failover configured. I just purchased another static IP block from one of the ISPs and they are now routing those to me (so they say). I would like to use this new subnet in concurrence with my old subnet, both on the same interface (OPT1). The subnets do not share the same gateway. What is the proper way to configure this? Thanks, Jesse Use VLANs? -- Linux User #452368 Ubuntu User #28025 http://twitter.com/vpadro Manifiesto por una cultura libre: http://culturalibre.org/ Doing a thing well is often a waste of time. - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org
Re: [pfSense Support] Multiple Subnets From ISP Same Interface
Wouldn't that mean that the ISP would have to define the vlans on their end? That wouldn't be an option. On Mon, Aug 17, 2009 at 5:43 PM, Victor Padro vpa...@gmail.com wrote: On Mon, Aug 17, 2009 at 4:33 PM, Jesse Vollmarvollm...@gmail.com wrote: Hey guys, after googling this for a while, I'm not finding any clear instructions for doing this. I currently have a multi-wan scenario with failover configured. I just purchased another static IP block from one of the ISPs and they are now routing those to me (so they say). I would like to use this new subnet in concurrence with my old subnet, both on the same interface (OPT1). The subnets do not share the same gateway. What is the proper way to configure this? Thanks, Jesse Use VLANs? -- Linux User #452368 Ubuntu User #28025 http://twitter.com/vpadro Manifiesto por una cultura libre: http://culturalibre.org/ Doing a thing well is often a waste of time. - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org
Re: [pfSense Support] Multiple Subnets From ISP Same Interface
On Mon, Aug 17, 2009 at 4:47 PM, Jesse Vollmarvollm...@gmail.com wrote: Wouldn't that mean that the ISP would have to define the vlans on their end? That wouldn't be an option. On Mon, Aug 17, 2009 at 5:43 PM, Victor Padro vpa...@gmail.com wrote: On Mon, Aug 17, 2009 at 4:33 PM, Jesse Vollmarvollm...@gmail.com wrote: Hey guys, after googling this for a while, I'm not finding any clear instructions for doing this. I currently have a multi-wan scenario with failover configured. I just purchased another static IP block from one of the ISPs and they are now routing those to me (so they say). I would like to use this new subnet in concurrence with my old subnet, both on the same interface (OPT1). The subnets do not share the same gateway. What is the proper way to configure this? Thanks, Jesse Use VLANs? -- Linux User #452368 Ubuntu User #28025 http://twitter.com/vpadro Manifiesto por una cultura libre: http://culturalibre.org/ Doing a thing well is often a waste of time. - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org Maybe you can use a capable VLAN switch where you can plug you modem/whatever you are using and assign the IPs in Pfsense as separate interfaces? I've done that using ADSL and Cable... -- Linux User #452368 http://twitter.com/vpadro Manifiesto por una cultura libre: http://culturalibre.org/ Doing a thing well is often a waste of time. - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org
Re: [pfSense Support] Multiple Subnets From ISP Same Interface
Jesse Vollmar wrote: Hey guys, after googling this for a while, I'm not finding any clear instructions for doing this. I currently have a multi-wan scenario with failover configured. I just purchased another static IP block from one of the ISPs and they are now routing those to me (so they say). I would like to use this new subnet in concurrence with my old subnet, both on the same interface (OPT1). The subnets do not share the same gateway. What is the proper way to configure this? Thanks, Jesse Add new interface. Eugene. - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org
Re: [pfSense Support] Multiple Subnets From ISP Same Interface
There is only one single modem. They have to share the same interface, because they come in on the same port. Unless of course you mean a virtual interface. On Mon, Aug 17, 2009 at 5:55 PM, Evgeny Yurchenko evg.yu...@rogers.comwrote: Jesse Vollmar wrote: Hey guys, after googling this for a while, I'm not finding any clear instructions for doing this. I currently have a multi-wan scenario with failover configured. I just purchased another static IP block from one of the ISPs and they are now routing those to me (so they say). I would like to use this new subnet in concurrence with my old subnet, both on the same interface (OPT1). The subnets do not share the same gateway. What is the proper way to configure this? Thanks, Jesse Add new interface. Eugene. - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org
Re: [pfSense Support] Multiple Subnets From ISP Same Interface
Jesse Vollmar wrote: There is only one single modem. They have to share the same interface, because they come in on the same port. Unless of course you mean a virtual interface. On Mon, Aug 17, 2009 at 5:55 PM, Evgeny Yurchenko evg.yu...@rogers.com wrote: Jesse Vollmar wrote: Hey guys, after googling this for a while, I'm not finding any clear instructions for doing this. I currently have a multi-wan scenario with failover configured. I just purchased another static IP block from one of the ISPs and they are now routing those to me (so they say). I would like to use this new subnet in concurrence with my old subnet, both on the same interface (OPT1). The subnets do not share the same gateway. What is the proper way to configure this? Thanks, Jesse Add new interface. Eugene. How come they have different gateways? Could you draw diagram? Eugene - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org
Re: [pfSense Support] Multiple Subnets From ISP Same Interface
This is too hard for me to draw out. Sorry. I only have one physical cable modem that according to the ISP is having two subnets routed to it. However, subnet 1 has a different gateway than subnet 2 on the ISP end. On Mon, Aug 17, 2009 at 6:00 PM, Evgeny Yurchenko evg.yu...@rogers.comwrote: Jesse Vollmar wrote: There is only one single modem. They have to share the same interface, because they come in on the same port. Unless of course you mean a virtual interface. On Mon, Aug 17, 2009 at 5:55 PM, Evgeny Yurchenko evg.yu...@rogers.comwrote: Jesse Vollmar wrote: Hey guys, after googling this for a while, I'm not finding any clear instructions for doing this. I currently have a multi-wan scenario with failover configured. I just purchased another static IP block from one of the ISPs and they are now routing those to me (so they say). I would like to use this new subnet in concurrence with my old subnet, both on the same interface (OPT1). The subnets do not share the same gateway. What is the proper way to configure this? Thanks, Jesse Add new interface. Eugene. How come they have different gateways? Could you draw diagram? Eugene - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org
Re: [pfSense Support] Multiple Subnets From ISP Same Interface
On Mon, Aug 17, 2009 at 4:58 PM, Jesse Vollmarvollm...@gmail.com wrote: There is only one single modem. They have to share the same interface, because they come in on the same port. Unless of course you mean a virtual interface. On Mon, Aug 17, 2009 at 5:55 PM, Evgeny Yurchenko evg.yu...@rogers.com wrote: Jesse Vollmar wrote: Hey guys, after googling this for a while, I'm not finding any clear instructions for doing this. I currently have a multi-wan scenario with failover configured. I just purchased another static IP block from one of the ISPs and they are now routing those to me (so they say). I would like to use this new subnet in concurrence with my old subnet, both on the same interface (OPT1). The subnets do not share the same gateway. What is the proper way to configure this? Thanks, Jesse Add new interface. Eugene. - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org How can you adquire those IPs anyhow? If it's not using a Virtual Interface, VLAN? -- Linux User #452368 http://twitter.com/vpadro Manifiesto por una cultura libre: http://culturalibre.org/ Doing a thing well is often a waste of time. - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org
Re: [pfSense Support] Multiple Subnets From ISP Same Interface
On Mon, Aug 17, 2009 at 5:09 PM, Jesse Vollmarvollm...@gmail.com wrote: This is too hard for me to draw out. Sorry. I only have one physical cable modem that according to the ISP is having two subnets routed to it. However, subnet 1 has a different gateway than subnet 2 on the ISP end. On Mon, Aug 17, 2009 at 6:00 PM, Evgeny Yurchenko evg.yu...@rogers.com wrote: Jesse Vollmar wrote: There is only one single modem. They have to share the same interface, because they come in on the same port. Unless of course you mean a virtual interface. On Mon, Aug 17, 2009 at 5:55 PM, Evgeny Yurchenko evg.yu...@rogers.com wrote: Jesse Vollmar wrote: Hey guys, after googling this for a while, I'm not finding any clear instructions for doing this. I currently have a multi-wan scenario with failover configured. I just purchased another static IP block from one of the ISPs and they are now routing those to me (so they say). I would like to use this new subnet in concurrence with my old subnet, both on the same interface (OPT1). The subnets do not share the same gateway. What is the proper way to configure this? Thanks, Jesse Add new interface. Eugene. How come they have different gateways? Could you draw diagram? Eugene - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org Again, use VLANs and configure the interfaces in Pfsense in order to adquire IPs from each subnet: LAN: 192.168.10.1(or whatever you are using) WAN: xy.xy.xy.10 WAN1: ab.ab.ab.ab WAN2(VLAN50): xy.xy.xy.20 WAN3(VLAN60): xy.xy.xy.30 -- Linux User #452368 http://twitter.com/vpadro Manifiesto por una cultura libre: http://culturalibre.org/ Doing a thing well is often a waste of time. - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org
Re: [pfSense Support] Multiple Subnets From ISP Same Interface
| From: Victor Padro vpa...@gmail.com | | Again, use VLANs and configure the interfaces in Pfsense in order to | adquire IPs from each subnet: | | LAN: 192.168.10.1(or whatever you are using) | WAN: xy.xy.xy.10 | WAN1: ab.ab.ab.ab | WAN2(VLAN50): xy.xy.xy.20 | WAN3(VLAN60): xy.xy.xy.30 I think that would require a vlan capable switch on the WAN side, and I think the original poster (Jesse) said that wasn't an option from the ISP. I had a not-disimilar problem and eventually did some ugly things, which I'm not very happy with, but it's a stop-gap solution for me. I think pfSense 2.x is expected to fix this (with IP aliases), but in the meantime I suspect you'll have to add another physical interface on your firewall, put a little switch on the outside, and plug your cable modem and the two WAN interfaces into the switch. I suspect that you can't do it with VLANs, because the link from the ISP is untagged. Hope that helps - cheers! John jsell...@syonex.com - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org
Re: [pfSense Support] Multiple Subnets From ISP Same Interface
On Mon, Aug 17, 2009 at 5:37 PM, John Sellensjsell...@generalconcepts.com wrote: | From: Victor Padro vpa...@gmail.com | | Again, use VLANs and configure the interfaces in Pfsense in order to | adquire IPs from each subnet: | | LAN: 192.168.10.1(or whatever you are using) | WAN: xy.xy.xy.10 | WAN1: ab.ab.ab.ab | WAN2(VLAN50): xy.xy.xy.20 | WAN3(VLAN60): xy.xy.xy.30 I think that would require a vlan capable switch on the WAN side, and I think the original poster (Jesse) said that wasn't an option from the ISP. I had a not-disimilar problem and eventually did some ugly things, which I'm not very happy with, but it's a stop-gap solution for me. I think pfSense 2.x is expected to fix this (with IP aliases), but in the meantime I suspect you'll have to add another physical interface on your firewall, put a little switch on the outside, and plug your cable modem and the two WAN interfaces into the switch. That is the same thing I was trying to tell... you connect the cablemodem to the VLAN capable switch port 1 then you connect an interface from the pfsense to the port 2 then another one would be connected to the next interface on port 3, then you use VLANs to tag the ports between each other. port 1 tagged to port 2 port 1 tagged to port 3 etc. Or maybe my english it's not quite good, I am sorry about it. I suspect that you can't do it with VLANs, because the link from the ISP is untagged. Hope that helps - cheers! John jsell...@syonex.com - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org -- Linux User #452368 http://twitter.com/vpadro Manifiesto por una cultura libre: http://culturalibre.org/ Doing a thing well is often a waste of time. - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org
Re: [pfSense Support] Multiple Subnets From ISP Same Interface
John Sellens wrote: | From: Victor Padro vpa...@gmail.com | | Again, use VLANs and configure the interfaces in Pfsense in order to | adquire IPs from each subnet: | | LAN: 192.168.10.1(or whatever you are using) | WAN: xy.xy.xy.10 | WAN1: ab.ab.ab.ab | WAN2(VLAN50): xy.xy.xy.20 | WAN3(VLAN60): xy.xy.xy.30 I think that would require a vlan capable switch on the WAN side, and I think the original poster (Jesse) said that wasn't an option from the ISP. I had a not-disimilar problem and eventually did some ugly things, which I'm not very happy with, but it's a stop-gap solution for me. I think pfSense 2.x is expected to fix this (with IP aliases), but in the meantime I suspect you'll have to add another physical interface on your firewall, put a little switch on the outside, and plug your cable modem and the two WAN interfaces into the switch. I suspect that you can't do it with VLANs, because the link from the ISP is untagged. Hope that helps - cheers! John jsell...@syonex.com Your address scheme does not make sense without subnet numbers. Anyways I do not think you can have the same gateway for all your three interfaces. Eugene. - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org
Re: [pfSense Support] Multiple Subnets From ISP Same Interface
On Mon, Aug 17, 2009 at 5:50 PM, Evgeny Yurchenkoevg.yu...@rogers.com wrote: John Sellens wrote: | From: Victor Padro vpa...@gmail.com | | Again, use VLANs and configure the interfaces in Pfsense in order to | adquire IPs from each subnet: | | LAN: 192.168.10.1(or whatever you are using) | WAN: xy.xy.xy.10 | WAN1: ab.ab.ab.ab | WAN2(VLAN50): xy.xy.xy.20 | WAN3(VLAN60): xy.xy.xy.30 I think that would require a vlan capable switch on the WAN side, and I think the original poster (Jesse) said that wasn't an option from the ISP. I had a not-disimilar problem and eventually did some ugly things, which I'm not very happy with, but it's a stop-gap solution for me. I think pfSense 2.x is expected to fix this (with IP aliases), but in the meantime I suspect you'll have to add another physical interface on your firewall, put a little switch on the outside, and plug your cable modem and the two WAN interfaces into the switch. I suspect that you can't do it with VLANs, because the link from the ISP is untagged. Hope that helps - cheers! John jsell...@syonex.com Your address scheme does not make sense without subnet numbers. Anyways I do not think you can have the same gateway for all your three interfaces. Eugene. - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org Yes, you are right...I forgot that...just read it in your previous email. I step aside, then. -- Linux User #452368 http://twitter.com/vpadro Manifiesto por una cultura libre: http://culturalibre.org/ Doing a thing well is often a waste of time. - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org
Re: [pfSense Support] Multiple Subnets From ISP Same Interface
Hi Jesse, I just had the same exact scenario. I had a DSL connection with a /29 subnet (5 usable ips), then last week I added another /29 subnet. The new block is in a completely different subnet than the original one. This is how I configure it. The original subnet was setup with CARP virtual IP's (1 for every ip), all I did for the new block is adding a new virtual ip network, this time using Proxy Arp and entering the new /29 subnet. I left the WAN address and everything else untouched and it all just worked. Not sure if using CARP for the new subnet would work as well, I haven't tried it. I hope this will work for you. I'm using 1.2.3-RC1 btw. Max Jesse Vollmar wrote: Hey guys, after googling this for a while, I'm not finding any clear instructions for doing this. I currently have a multi-wan scenario with failover configured. I just purchased another static IP block from one of the ISPs and they are now routing those to me (so they say). I would like to use this new subnet in concurrence with my old subnet, both on the same interface (OPT1). The subnets do not share the same gateway. What is the proper way to configure this? Thanks, Jesse - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org
Re: [pfSense Support] Multiple Subnets From ISP Same Interface
Max Cristin wrote: Hi Jesse, I just had the same exact scenario. I had a DSL connection with a /29 subnet (5 usable ips), then last week I added another /29 subnet. The new block is in a completely different subnet than the original one. This is how I configure it. The original subnet was setup with CARP virtual IP's (1 for every ip), all I did for the new block is adding a new virtual ip network, this time using Proxy Arp and entering the new /29 subnet. I left the WAN address and everything else untouched and it all just worked. Not sure if using CARP for the new subnet would work as well, I haven't tried it. I hope this will work for you. I'm using 1.2.3-RC1 btw. Max Jesse Vollmar wrote: Hey guys, after googling this for a while, I'm not finding any clear instructions for doing this. I currently have a multi-wan scenario with failover configured. I just purchased another static IP block from one of the ISPs and they are now routing those to me (so they say). I would like to use this new subnet in concurrence with my old subnet, both on the same interface (OPT1). The subnets do not share the same gateway. What is the proper way to configure this? Thanks, Jesse CARP IP must belong to the same subnet your interface has. GUI just will not allow you to create CARP IP from different subnet. What MAx described is possible but Jesse confused me with the subnets do not share the same gateway. Eeugene - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org
