WAN with Non-Bridged Mode ISP
-
I have the following setup:
ISP details
WAN IP x.x.x.x/30
ISP LAN y.y.y.y/26
The WAN interface is up and running and working properly, with 1 external IP. The ISP has given me 64 external IPs that go through the WAN interface (they called it LAN). My understanding is that this is a Non-Bridge Setup (I tried to ask for a bridged setup, but they cannot provide that setup for me).
My question is this: How can I get those ISP LAN IPs (they are external) to go through the WAN Interface? I will have dozens of Web Servers, so how the heck do I get those LAN IPs to go through the WAN Interface?
I tried to do a Firewall: Virtual IP Address, but whenever I try, I get a:
The following input errors were detected:
You cannot use the network address for this VIP
Can someone help me with this?
Thanks…
-
ISPLAN y.y.y.y/26 are real public IPs. So you just want pfSense to route those, and not do NAT.
Firewall->NAT, Outbound - switch to Manual and delete the NAT rules for that y.y.y.y/26 interface.
For initial setup and testing put:
- pass rule on WAN to allow source any, destination ISPLANnet
- pass rule on ISPLAN allow source ISPLANnet destination any
Now put a test device in ISPLAN, you should be able to get out from it to the internet.
The ISP should be routing anything for y.y.y.y/26 to your public WAN IP, so get on the real internet and try accessing that ISPLAN test device. It should be reachable.
Once you know the routing is working fine, then put more restrictive rules on WAN and ISPLAN to allow only what you really want, and set up the real servers…
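An added example, not part of the thread and not pfSense code: a Python check of the address plan for a routed /26 and of which outbound NAT rules have to go after switching to Manual. The subnet 203.0.113.64/26, the firewall address .65 and the rule list format are constructed assumptions standing in for y.y.y.y/26 and the real configuration.

```python
import ipaddress

# Constructed sample values: 203.0.113.64/26 (RFC 5737 documentation range)
# stands in for the thread's y.y.y.y/26; .65 is assumed to be the address
# configured on the pfSense ISPLAN interface.
ROUTED = "203.0.113.64/26"
FIREWALL_IP = "203.0.113.65"

# Constructed outbound NAT rule list (hypothetical dict format, not pfSense's
# config.xml schema), as it might look right after switching to Manual.
NAT_RULES = [
    {"interface": "WAN", "source": "127.0.0.0/8"},
    {"interface": "WAN", "source": "192.168.1.0/24"},
    {"interface": "WAN", "source": "203.0.113.64/26"},
]

def plan_routed_subnet(routed_cidr, firewall_ip):
    """Split the routed block into reserved addresses and server addresses."""
    net = ipaddress.ip_network(routed_cidr)
    fw = ipaddress.ip_address(firewall_ip)
    reserved = (net.network_address, net.broadcast_address)
    if fw not in net or fw in reserved:
        raise ValueError(f"{fw} is not a usable host address in {net}")
    return {
        "network": net.network_address,      # first address: not assignable
        "broadcast": net.broadcast_address,  # last address: not assignable
        "gateway": fw,                       # servers use this as default gateway
        "servers": [h for h in net.hosts() if h != fw],
    }

def nat_rules_to_delete(rules, routed_cidr):
    """Return outbound NAT rules whose source overlaps the routed block."""
    net = ipaddress.ip_network(routed_cidr)
    return [r for r in rules if ipaddress.ip_network(r["source"]).overlaps(net)]

if __name__ == "__main__":
    plan = plan_routed_subnet(ROUTED, FIREWALL_IP)
    print("reserved:", plan["network"], plan["broadcast"])
    print("servers :", plan["servers"][0], "-", plan["servers"][-1],
          f"({len(plan['servers'])} addresses)")
    for rule in nat_rules_to_delete(NAT_RULES, ROUTED):
        print("delete outbound NAT rule:", rule)
```

A /26 holds 64 addresses, but the first and last are the network and broadcast addresses, and one more is taken by the firewall interface, which leaves 61 for servers.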