Quote from: viragomann on October 31, 2025, 11:23:43 AM
So you created specific interfaces for the transfer network on both firewalls, you don't use WAN on either side?
Did you add proper routes on both?
Did you add firewall rules to allow communication?
A dedicated transfer network (VLAN 99) was configured between the two OPNsense firewalls — ITLAB-FW01 (internal) and ITLAB-FW02 (external).
The WAN interface is not used for inter-firewall communication.
Configuration details:
• VLAN: 99 (Transfer)
• Subnet: 192.168.99.0/30
• ITLAB-FW01 (Internal): 192.168.99.253/30
• ITLAB-FW02 (External): 192.168.99.254/30
Static Routes:
• On ITLAB-FW01, a static route was added to reach the external networks (192.168.41.0/24, 192.168.2.0/24) via gateway 192.168.99.254.
• On ITLAB-FW02, a static route was added to reach the internal networks (192.168.70.0/24, 192.168.1.0/24) via gateway 192.168.99.253.
Firewall Rules:
An "Allow any" rule was configured on the Transfer interface of both firewalls to permit all traffic (any → any → any) for testing and management purposes.
This setup ensures unrestricted communication between both sides of the lab environment through VLAN 99 without relying on the WAN interface.
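Added example, not part of the original post: a Python consistency check for a two-firewall transfer-network plan like the one described above (interface addresses inside the declared subnet, gateways on-link and pointing at the peer, routed networks not overlapping the transfer network). The addresses are the ones given in the post; the `PLAN` layout and the `check_plan` function are assumptions of this example.

```python
import ipaddress

# Values as stated in the post; the dict layout is an assumption of this example.
PLAN = {
    "declared_subnet": "192.168.99.0/30",
    "interfaces": {"ITLAB-FW01": "192.168.99.253/30",
                   "ITLAB-FW02": "192.168.99.254/30"},
    "routes": {
        "ITLAB-FW01": {"gateway": "192.168.99.254",
                       "networks": ["192.168.41.0/24", "192.168.2.0/24"]},
        "ITLAB-FW02": {"gateway": "192.168.99.253",
                       "networks": ["192.168.70.0/24", "192.168.1.0/24"]},
    },
}

def check_plan(plan):
    """Return a list of findings; an empty list means the plan is consistent."""
    findings = []
    declared = ipaddress.ip_network(plan["declared_subnet"])
    ifaces = {fw: ipaddress.ip_interface(a) for fw, a in plan["interfaces"].items()}

    for fw, iface in ifaces.items():
        net = iface.network
        if iface.ip not in declared:
            findings.append(f"{fw}: {iface.ip} is outside declared subnet "
                            f"{declared}; the interface is in {net}")
        if net.prefixlen < 31 and iface.ip in (net.network_address, net.broadcast_address):
            findings.append(f"{fw}: {iface.ip} is not a usable host address in {net}")

    if len({i.network for i in ifaces.values()}) != 1:
        findings.append("transfer interfaces are not in the same network")

    for fw, route in plan["routes"].items():
        gw, local = ipaddress.ip_address(route["gateway"]), ifaces[fw]
        peers = {i.ip for name, i in ifaces.items() if name != fw}
        if gw not in local.network:
            findings.append(f"{fw}: gateway {gw} is not on-link in {local.network}")
        if gw not in peers:
            findings.append(f"{fw}: gateway {gw} is not the peer firewall's address")
        for dest in map(ipaddress.ip_network, route["networks"]):
            if dest.overlaps(local.network):
                findings.append(f"{fw}: routed network {dest} overlaps the transfer network")
    return findings

if __name__ == "__main__":
    for finding in check_plan(PLAN) or ["plan is consistent"]:
        print(finding)
```

Run against the values as posted, the check reports one finding per firewall: 192.168.99.253 and 192.168.99.254 fall in 192.168.99.252/30, not in 192.168.99.0/30. The gateway and route checks pass.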