No VIP connectivity after WAN IP changes



  • Let me preface this by saying I'm not a network expert, but can usually figure things out.

    I previously had 3 public IPs on my system. Everything was working fine; I just needed more IPs. I put in the request for more IPs and was given a different block altogether - 98.xx.xx.66 through 98.xx.xx.70. Subnet is 255.255.255.240 with a gateway of 98.xx.xx.65.

    I updated the pfSense configuration to use .66 as the primary WAN IP and it works just fine. When adding any of the subsequent IPs as VIPs (duplicating the settings of the previous VIPs), those services are unreachable on those IPs. I've updated the NAT/Firewall rules accordingly.

    ISP's response to a support request was: "These IP addresses are not configured the same way as your previous IP block. Your new IPs do not communicate from behind the .66 IP as there is no primary IP in the IPs assigned. In other words, basic configuration for these 5 IPs would be to have the cable modem feed a switch and each of the devices have one of these IPs as a static and be plugged directly to that switch. Currently I only see the .66 configured directly behind the modem."

    Does this make sense? It looks to me like he thinks I had one WAN IP and overlooked the fact I had 3 WAN IPs previously.

    Also, does anyone have any insight on this or can anyone point me in the right direction? I've tried configuring the extra IPs as Aliases, CARP, Proxy ARP, and Other with no luck in getting things online.