How to set ip range on LAN same as WAN range ip

stephenw10

Yeah the examples you gave are not conflicting subnets so there's no problem assigning one as WAN and and one as LAN.
Is that not actually the case?

Steve

pflover

@stephenw10
i have pfsense with ip address: 86.25.32.21
and my server is : 86.25.32.23
and gateways of pfsense and server is : 86.25.32.20
i have LAN interface on pfsense that when i trying to set ip 86.25.32.25 i get this error :
IPv4 address 86.25.32.25/32 is being used by or overlaps with: WAN (86.25.32.21/28)

i have this problem.
my purpose is my server can not connect to internet directly and only can connect to internet through pfsense.
please help me

viragomann

@pflover said in How to set ip range on LAN same as WAN range ip:

i have LAN interface on pfsense that when i trying to set ip 86.25.32.25 i get this error :
IPv4 address 86.25.32.25/32 is being used by or overlaps with: WAN (86.25.32.21/28)

That might be true. 86.25.32.25 is part of the WAN network 86.25.32.21/28, so you cannot use this IP on LAN.

The only option to use a public IP out out of the WAN network behind pfSense is bridging the interface as described in the docs.

stephenw10

Yup, that^. In that situation you can only use bridged interfaces.

johnpoz

Bridging is not the only way - he could just nat it and use a vip for whatever public IP he wants to use and either port forward the specific ports he needs or 1:1 nat

Which would be far easier and less complex setup than a bridge - and less likely for a security screw up if using port forwards.

stephenw10

Yup that's true if the server doesn't require a public IP directly.
I'd thought it did but reading back now it's not clear.

johnpoz

@stephenw10 said in How to set ip range on LAN same as WAN range ip:

server doesn't require a public IP directly.

It would be a very odd scenario where it HAD to be public.. Like some license hard locked to having to see public IP? I really can not think of a scenario that it wouldn't be better to just nat..

Unless there is a specific reason that public IP on the device is required - which can not think of.. Something needed with L2 from the isp maybe? Doubtful.

stephenw10

Unfortunately it's something we see quite often. Some server/application that will only use it's local IP with no way to be configured for an external public IP or detect it automatically.
I agree, it shouldn't ever happen in 2021 but....

johnpoz

@stephenw10 You mean like a ftp server handing out its IP to connect to via passive?

stephenw10

Yup, exactly like that. PBXs are also relatively common. Other more obscure appliances etc.

johnpoz

@stephenw10 that is just SAD at so many levels.