24.1 Legacy Series / Connecting 4 opnsense routers via a shared "Switch" all with different subnets
« on: March 21, 2024, 11:44:44 pm »
This is a weird one, and if there are better ways to accomplish this then please let me know, as I have been working on this for over a year now, trying to do research on my own from scratch, and started knowing very little about networking, let alone OPNsense.
Basically I have 4 different locations that each have their own OPNsense router and a single LAN and at least one WAN, with a few locations having backup WANs as well. These are all connected via the Legacy Server/Client site-to-site VPN and are usually okay to stay connected that way. I also have radio links (think of this as just a bunch of switches connected between each other) between all locations on another separate interface and subnet, and they can all communicate to each other via the radio link subnet. I have attached an image I drew to help illustrate better what our network looks like.
I need each local LAN subnet (they are all different) to be able to use the radio LAN to talk to each other. Right now I can't get building 1 local LAN to talk to building 2 local LAN using the radio link network. I think it is firewall rules, but I have tried a few things like allowing in 192.168.1.0/24 on the interface for building 2 local LAN and vice versa, and it doesn't work.
Then, after I can get 192.168.1.0/24 to talk to 192.168.4.0/24 over the 205 radio link network/interfaces, I would love to have the LANs use 205 to talk to each other unless it goes down or gets slow, and then switch to using the VPN.