pfSense Gold Subscription

Author Topic: Extend Network to other factory  (Read 3581 times)

0 Members and 1 Guest are viewing this topic.

Offline bean79au

  • Newbie
  • *
  • Posts: 16
  • Karma: +0/-3
    • View Profile
Extend Network to other factory
« on: January 16, 2007, 11:39:07 pm »
Hi all,
I need some help with an issue i have at the moment.  At our factory we run a small business 2003 server with a 24 port switch to all the client computers.  We have now just bought another factory about 200m up the road and i want to set up a wireless link between the 2 factories so the computers over there can see our small biz server.  I have 2 wrap units with pfsense setup on them.  Has anyone done this before?  Can someone guide me please?

Thanks,

Beau

Note: the small biz server handles all the dhcp and firewall through ISA server.

Offline hoba

  • Administrator
  • Hero Member
  • *****
  • Posts: 5837
  • Karma: +3/-0
  • What was the problem to this solution again?
    • View Profile
    • pfSense
Re: Extend Network to other factory
« Reply #1 on: January 17, 2007, 04:03:52 am »
Yes, I have a setup similiar to this (though not wireless but static 2 mbit/s link). Set it up in the following way:

Internet-------Mainoffice-------wan/pfsense1/lan(wifi)    )    )    )  wifi link  (    (    (    wan(wifi)/pfsense2/lan---------Branchoffice

- Setup a transfer network that both pfSense can share for the wireless link.
- Enable advanced outbound nat at both pfSense systems at firewall,nat, outbound and delete all autocreated nat rules to convert the setup into a routing platform.
- Now create pass any any any rules at wan and lan (change the default lan pass rule from source subnet lan subnet to any).
- Create static routes at pfSense1 to point to the remote lan subnet behind pfSense2
- create static routes at your mainoffice default gateway to point to the pfSense1 for the remote lan subnet (add the transfer subnet too if you want to be able to reach these IPs)
- at pfSense2 setup the dhcp server to hand out IPs for the branchoffice. assign the dns-server of the mainoffice (alternatively you can setup dhcp relay but using the pfSense dhcp server should be easier and dns will manage the rest)
- optionally set up the trafficshaper at both systems to give priority to terminalsessions or whatever
 

Offline bean79au

  • Newbie
  • *
  • Posts: 16
  • Karma: +0/-3
    • View Profile
Re: Extend Network to other factory
« Reply #2 on: January 17, 2007, 04:38:07 am »
Hi Hoba,
Thanks for the reply.  What do you mean by a transfer network?  Sorry if it sounds stupid to ask.

Beau

Offline hoba

  • Administrator
  • Hero Member
  • *****
  • Posts: 5837
  • Karma: +3/-0
  • What was the problem to this solution again?
    • View Profile
    • pfSense
Re: Extend Network to other factory
« Reply #3 on: January 17, 2007, 05:44:57 am »
Some kind of in your setup unused network like pfSense1 wireless interface is 172.16.0.1/24 and pfSense2 wireless interface is 172.16.0.2/24, gw 172.16.0.1. This way you won't have any broadcasts on the wireless link eating bandwidth.

This transfer net will only be seen in traceroutes.

Offline bean79au

  • Newbie
  • *
  • Posts: 16
  • Karma: +0/-3
    • View Profile
Re: Extend Network to other factory
« Reply #4 on: January 17, 2007, 06:09:16 am »
Should i use adhoc connection or AP and Infrastrucure?

Thanks,
Beau

Offline hoba

  • Administrator
  • Hero Member
  • *****
  • Posts: 5837
  • Karma: +3/-0
  • What was the problem to this solution again?
    • View Profile
    • pfSense
Re: Extend Network to other factory
« Reply #5 on: January 17, 2007, 06:15:02 am »
I would go with AP at one end and infrastructure at the other end.

Offline tag

  • Newbie
  • *
  • Posts: 2
  • Karma: +0/-0
    • View Profile
Re: Extend Network to other factory
« Reply #6 on: January 23, 2007, 06:35:44 am »
Hi,

I am also trying to setup a similar configuration, but my question is how do I get the one pfsense1 wireless  to connect to pfsense2's wireless.

I have pfsense2 as a wireless AP, but how do I setup pfsense1 to conenct to that AP?

Thanks
Tonino

Offline hoba

  • Administrator
  • Hero Member
  • *****
  • Posts: 5837
  • Karma: +3/-0
  • What was the problem to this solution again?
    • View Profile
    • pfSense
Re: Extend Network to other factory
« Reply #7 on: January 23, 2007, 01:49:49 pm »
The second pfSense has to be set to mode "infrastructure" with the same channels/ssid/encryption/... .

Offline tag

  • Newbie
  • *
  • Posts: 2
  • Karma: +0/-0
    • View Profile
Re: Extend Network to other factory
« Reply #8 on: January 23, 2007, 11:40:13 pm »
great - thanks.  I got it working.

:)

Offline lsf

  • Wireless Expert
  • Administrator
  • Hero Member
  • *****
  • Posts: 3262
  • Karma: +0/-0
    • View Profile
Re: Extend Network to other factory
« Reply #9 on: January 23, 2007, 11:53:30 pm »
-lsf

Offline bean79au

  • Newbie
  • *
  • Posts: 16
  • Karma: +0/-3
    • View Profile
Re: Extend Network to other factory
« Reply #10 on: February 02, 2007, 04:39:18 pm »
Hi all,
I have tried this setup. I have set it all up in one room at the moment with 2 computers.  I have set 1 as an AP and the other as infrastructure.  However for some reason when i go to status/wireless it wont show the AP but it will show our AP for our internet connection.  If i scan for AP's using my laptop it will show both the Internet AP and the PF AP. They are both on different channels.
Any help please?

Beau

Offline bean79au

  • Newbie
  • *
  • Posts: 16
  • Karma: +0/-3
    • View Profile
Re: Extend Network to other factory
« Reply #11 on: February 03, 2007, 05:46:15 am »
Ok,
I can see the Infrastructure PF box from the PF AP and it even show the wireless ip of the INF PF in the ARP tables, i have created the rules any,any,any for both the lan and the wireless on both box and i cannot ping the other box from the AP.
Beau

Offline hoba

  • Administrator
  • Hero Member
  • *****
  • Posts: 5837
  • Karma: +3/-0
  • What was the problem to this solution again?
    • View Profile
    • pfSense
Re: Extend Network to other factory
« Reply #12 on: February 03, 2007, 10:39:11 am »
Make sure you have all needed routes in place and you did shut down natting where needed. You also need to uncheck interfaces>wan "block private IP Ranges".

Offline bean79au

  • Newbie
  • *
  • Posts: 16
  • Karma: +0/-3
    • View Profile
Re: Extend Network to other factory
« Reply #13 on: February 09, 2007, 06:58:37 pm »
Hi Hoba,
Sorry to be a pain again (i am new to this) i still cannot get this to work for some reason, i cannot even ping between the 2 pfsense units.  With the rules do i set them in the NAT page or in Firewall/Rules page? And with the static routes what would the Gateway be?

Thanks,

Beau

Offline hchady

  • Jr. Member
  • **
  • Posts: 76
  • Karma: +0/-0
    • View Profile
Re: Extend Network to other factory
« Reply #14 on: February 13, 2007, 03:32:15 am »
the simpler way is to buy 2 access points that are WDS or bridges capable (like buffalo WHR-HP-G54), once wireless link is configured by wds for example, you just need to connect them to each part of your network

Chady