1 LAN NIC, static ip AND VIP for LAN subnets
-
Hi,
I've assigned a VIP (IP Alias) to a physical LAN NIC to handle requests for a different subnet, other than the LAN subnet.
I.e: LAN subnet = 192.168.10.1/24
IP Alias subnet = 192.168.11.1/24.
Under Advanced > Firewall / NAT, the setting to bypass firewall rules for traffic on the same interface is checked.
It appears that I have all of the firewall rules set on the LAN interface for the two separate subnets to allow traffic to/from one another, etc. So no restrictions.
Still, there's some firewall blocking going on for some traffic and pings that originate from the 192.168.11.0/24 subnet to the IP Alias 192.168.11.1. Also - cannot ping an external host using 192.168.11.1 as a gateway. NAT is configured properly for the 192.168.11.0/24 to the WAN, just like the 192.168.10.0/24 subnet was auto generated. Same kind of rule.
First time working with IP Aliases in this scenario.
Is it possible to have an IP Alias (192.168.11.1) to be used as a default gateway for 192.168.11.0/24 hosts on the same interface as the physical interface (192.168.10.1 and subnet 192.168.10.0/24)?
Let me know if any thoughts/tips.
Thanks.
-
Simply ended up using VLANs for this situation. Previously had been told that the switch did not support VLANs, found out otherwise.
Further… configured VLANs on pfSense under: Interfaces > Assign > VLANs and Interface Assignments.