Help - setting up 2nd DHCP for VMs using pfSense

marcoi

I'm currently using Sophos UTM home edition for my home network. Being free, it is limited to 50 IP addresses. So I'm setting up my home dev ESXi box, which will have various VMs running for work-related tasks. I set up pfSense on ESXi with two NICs. One goes to the home network, the other is an internal switch only. The home NIC is used as the WAN NIC on pfSense, and the VM switch is being used as DHCP for all VMs built on the ESXi host.

Home network is 192.168.0.x. I assigned WAN port 192.168.0.4 for pfSense. What I want is for pfSense to provide IPs to VMs on some network range that I can access from PCs on the 192.168.0.x range. I also want pfSense to provide internet access to the VMs from my home network. What I don't want is ESXi hosts to communicate back to the 192 network range.

I'm having a challenging time figuring out how to configure pfSense.

I was originally thinking of doing pfSense WAN 192.168.0.4, then LAN 192.168.4.1 with a DHCP range of 192.168.4.10 to .254. I disabled the firewall so the home 192.168.0.x network can access the 192.168.4.x range. Seems like pfSense didn't like that.

So I'm not sure if I need to set up VLANs, or use a different IP range for the LAN side of pfSense and do some other routing when I want to access that range, something like DNS forwarding etc.?

Any suggestions appreciated.

j_h_o

You'll have to set pfSense to NAT between the networks.

Attach a screenshot of your NAT configuration right now, and someone can tell you what rules to add.
 

marcoi

If anyone has a general overview of how I need to set up pfSense for this to work, I'll take that and research how to implement it.
 

whitey

If you are attempting to use pfSense as a VM, I typically set up my ESXi host with one 1GbE NIC for WAN traffic, no VLAN tag in vSphere, tag the physical switch and put this connection as well as the modem's WAN port in the same VLAN. From there your other NIC would be LAN traffic, and set up pfSense as any typical WAN/LAN 2-NIC setup. The other NIC could be trunked to the switch and pass MANY VLANs for internal testing/separation.
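
The isolation asked for in the first post, modelled as an added example that is not from any poster in this thread and is not pfSense's own code. It assumes the 192.168.0.0/24 and 192.168.4.0/24 subnets from the thread, a hypothetical rule set, and the way pfSense evaluates rules: per interface, on ingress, first match wins, with unmatched traffic dropped.

```python
import ipaddress

HOME_NET = ipaddress.ip_network("192.168.0.0/24")  # home LAN on the pfSense WAN side (from the thread)
VM_NET = ipaddress.ip_network("192.168.4.0/24")    # proposed pfSense LAN for the VMs (from the thread)
ANY = ipaddress.ip_network("0.0.0.0/0")

# Hypothetical rules, one ordered list per interface: (action, source, destination).
# Only new connections are modelled; a stateful firewall lets replies to an
# allowed connection back through without a separate rule.
RULES = {
    "lan": [("block", VM_NET, HOME_NET),  # VMs must not open connections to the home network
            ("pass", VM_NET, ANY)],       # anything else from the VMs (internet) is allowed
    "wan": [("pass", HOME_NET, VM_NET)],  # home PCs may open connections to the VMs
}

def evaluate(rules, iface, src, dst):
    """Return the action of the first matching rule on the ingress interface."""
    s, d = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    for action, src_net, dst_net in rules[iface]:
        if s in src_net and d in dst_net:
            return action
    return "block"  # default deny when nothing matches

def ingress_iface(src):
    """Traffic sourced from the VM subnet enters on LAN, everything else on WAN."""
    return "lan" if ipaddress.ip_address(src) in VM_NET else "wan"

def check_policy(rules):
    """Check the three requirements from the first post; returns {name: met?}."""
    cases = [  # constructed sample hosts; 203.0.113.5 stands in for an internet address
        ("VM -> home blocked", "192.168.4.10", "192.168.0.20", "block"),
        ("VM -> internet allowed", "192.168.4.10", "203.0.113.5", "pass"),
        ("home -> VM allowed", "192.168.0.20", "192.168.4.10", "pass"),
    ]
    return {name: evaluate(rules, ingress_iface(src), src, dst) == want
            for name, src, dst, want in cases}

if __name__ == "__main__":
    for name, ok in check_policy(RULES).items():
        print(f"{name}: {'ok' if ok else 'VIOLATED'}")
    # Same rules with the LAN order swapped: the broad pass now matches first.
    swapped = dict(RULES, lan=list(reversed(RULES["lan"])))
    print("swapped LAN order:", check_policy(swapped))
```

With the LAN rules swapped, the broad pass rule matches before the block, so the VMs can reach the home network again; rule order on the LAN interface is what enforces the isolation.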