pfSense English Support > Routing and Multi WAN

Static route between 2 pfSense

(1/5) > >>


I've tried many things, and read a lot of topics, but I don't understand what I am doing wrong.
Probably an easy question, but I am totaly confused right now.

I have the following:

I want to be able to access the ESXi server from the workstation. What should I do? The DHCP server and gateway for the network is on pfSense 1
In my understanding, I don't need anything to do on pfSense 1, because the traffic will go directly from pfsense2 to the ESXi server. Is this correct?

On the pfSense 2 I tried many different things, but it won't let me connect to the server from the workstation. On diagnostic > Ping I am able to ping the server. If I select the subnet from the workstation I am not able to ping the server. So I thought it might be a firewall problem. I created a pass all rule on the firewall, but it didn't work.

What should I do? And what can I try to troubleshoot the problem?

You need to add a route to the ESXi for the network dericting to pfSense2 address

However, if you also want to access VMs, also on these VMs a route will be needed.

Thanks for your reply.

So I need to add a static route on the ESXi host? Is it also possible to do it without adding static routes on the ESXi host and/or VM's?

Maybe it is better to use the following setup:

If I am right, I need the following static routes:

pfSense 1: gateway:

pfSense 2: gateway:

Is this correct?

Using a transit network between routers like that is always better. :thumbsup:

Yes, your routing looks sane. Firewall rules on the transit interfaces will also need to pass the source traffic from the downstream networks.

Yes, that's the basic pattern for any situation where you have to route between two networks that are not directly connected to the same router. Applies to site to site VPNs and other tunnel solutions as well.


[0] Message Index

[#] Next page

Go to full version