Hey guys, so I was given this task, but I am stuck.
We just had our new provider installed in our new location. The way we connect to them is via a BGP tunnel, then we have an AS number so we can be assigned a block of IP addresses. My end goal is to assign different WAN addresses to our VLANs.
WAN to ISP through BGP:
208.x.x.241/31 (vlan 69420) = our local pfSense device
208.x.x.240 = our ISP router
74.x.x.0/24 = block of IP addresses.
So a rough configuration looks like this:
WAN interface (through vlan 69420):
Wan = 208.x.x.2/31
gateway= 208.x.x.1
BGP:
The only relevant information for this, I think, would be the fact that under networks to redistribute the /24 is listed.
Up to this point we have internet, BGP looks good, all VLANs go out through 208.x.x.241 to 208.x.x.240 to the internet.
I was given an example config to configure this firewall, and it goes this way:
Proxy ARP virtual IPs /24
vlan250 (not sure why the VLAN, quite honestly) appended to the WAN interface (ixl3)
Then a DMZ interface assigned to the vlan250 ixl3 with static IPv4 config with the 74.x.x.0/24
Then finally, under NAT-outbound the config is as follows:
do not NAT entry:
interface- WAN
protocol- any
source- 74.x.x.0/24
destination- any
Then to assign one of the addresses to the specific VLANs, it is just a simple NAT entry on the WAN: source is one of our VLANs, translation to one of the addresses in the /24.
So I did the same thing in the new building, however… it does not work. I can access LAN resources, but nothing is coming out to WAN. The ISP side is the same as the other campus, just of course different addresses.
Question is, is there something I may be missing? This has me scratching my head.
Thank you guys for any help!