IP Routing for PFSENSE with OVH network and default gateway out of subnet

IP FAILOVER configuration for PFSENSE with OVH network

If you buy a VMware server and an IP block from OVH you will be surprised because the default gateway don't match the IP block and this is a problem for PFSENSE.
Even if this setup is unusual, it is valid and give full satisfaction if you know how to configure your firewall and hosts.

It's important to configure pfsense networking as follow:

  • The default gateway is the ESXI HOST ip with final .254 (XX.XX.XX.254)
  • iface em0 is the WAN interface (it can be different depending on your configuration)
  • in pfsense GUI, LAN and WAN interface do not have default gateway assigned
  • use cmdshell addon to make "permanent" the route to OVH default gateway, cmdshell is an pfsense addon to be downloaded
  • add in cmdshell the following commands, if you don't have cmdshell install you can type those commands manually but the configuration will be lost when pfsense is rebooted

    • route add -net xx.xx.xx.254/32 -iface em0  (iface em0 = WAN interface)
    • route add default xx.xx.xx.254   (XX.XX.XX.254 = is the HOST IP address with final .254)


Masquerade source address (hide NAT)

Here is how it should be configured to be able to navigate from the internal network, 192.168.6.x is the LAN addressing

 

 

  • OVH, pfsense firewall, gateway, routing, IP failover
  • 2 Utenti hanno trovato utile questa risposta
Hai trovato utile questa risposta?

Articoli Correlati

Installazione certificato SSL per servizi RDP in Windows 2012

Per poter generare il CRS è necessario entrare in IIS digitando il componente Gestione Internet...

How to add a SSL Certificate to Mailcleaner

MailCleaner is an excellent and free mail filtering solution for small businesses/non-profits.  I...

Configurazione IP Failover OVH su VM debian Utixo

Editare il file /etc/network/interfaces come segue:   1 2 3 4 5 6 7 8 9...

Enterprise Vault: Script SQL per determinare la locazione del DB Fingerprint

Per poter determinare nome e locazione del Fingerprint Database si puo usare il seguente script...

Windows 2012 How to specify Remote Desktop Licensing Mode

There are 2 ways to do that: Open Server Manager. Navigate to the Remote Desktop Services...