1 WAN with 32 IP ADDRESSES, bridging
-
I have multiple IP addresses assigned to virtual IPs on a single WAN. I need to bridge one of those ip addresses to a server on the LAN. For the life of me, I cannot figure out how to do this.
Could someone give me an example? any help would be appreciated. Thanks. -
I believe you are looking for the 1-to-1 NAT which maps an 1 Virtual IP to an internal IP. You can find it on the 1:1 tab of the NAT section.
Any traffic destined for that virtual IP all gets redirected to the internal IP you specify.
-
Thanks, I know about 1:1 nat, but what I need is to have that Virtual IP assigned to the interface on the server (software requirements)
I could switch it out before the router and place it directly on the server, but I was hoping for some kind of bridging solution, so I could run everything thru PFSense. -
Ideally you should get your ISP to assign a /29 for your interface and route that /27 to an address on that.
But bridging WAN can be done. What isn't working?
-
everything is routed from the ISP… no bridging from them.
I don't want to bridge the entire WAN, just one of the IP addresses.. I don't know how, or if it is even possible
I actually have 3 subnets
x.x.x.32/29 (1 gateway 5 usable)
x.x.x.72/29 (1 gateway 5 usable)
x.x.x.80.28 (1 gateway 13 usable)I want to assign x.x.x.35 to server on lan going thru pfsense
could I just put in a static route? hmmmm
-
I'm looking to do something similar as I have a server that needs to be NAT-less but still be behind firewall for traffic shaping purposes.
I think it needs to be put in a DMZ.
-
I don't want to bridge the entire WAN, just one of the IP addresses.. I don't know how, or if it is even possible
I actually have 3 subnets
x.x.x.32/29 (1 gateway 5 usable)
x.x.x.72/29 (1 gateway 5 usable)
x.x.x.80.28 (1 gateway 13 usable)I want to assign x.x.x.35 to server on lan going thru pfsense
You can break the x.x.x.32/29 into two /30 subnets, then assign the second of them to the LAN or DMZ interface of pfSense.
ISP x.x.x.33 –--- x.x.x.34/30 pfSense x.x.x.37/30 ----- x.x.x.38/30 Server
Now, since the ISP still believes that his router shares L2 segment with the whole x.x.x.32/29 subnet, you have to trick him using ProxyARP VIP x.x.x.38/32 on the WAN of pfSense that will make the server reachable from the Internet.
