Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    More than 1 IP address for LAN if

    Scheduled Pinned Locked Moved Firewalling
    9 Posts 5 Posters 4.5k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • F
      fernandov
      last edited by

      Is there a way to configure a secondary IP address for the LAN interfase? Our internal network is divided in subnets to split departments, but they all reach the firewall to go to the Internet.

      1 Reply Last reply Reply Quote 0
      • dotdashD
        dotdash
        last edited by

        Traditional FreeBSD alias' are going in 1.3, you can add them manually adding the shellcmd into the config.xml. Search around and you should find details. The other alternative is to use VLANs.

        1 Reply Last reply Reply Quote 0
        • C
          cmb
          last edited by

          You should really put them on separate switches, or use VLANs, that's the proper way to do that. There's no sense in splitting up departments into subnets if they're all on the same broadcast domain.

          If you insist on adding multiple IPs on a single interface, see:
          http://doc.pfsense.org/multiple-subnets-one-interface-pfsense.pdf

          1 Reply Last reply Reply Quote 0
          • R
            rickbaran
            last edited by

            Would this be the same for vlans? I tried to enter a VIP but i can't get anything to go through on a vlan. I would try doing the manual entrys it but this machine is live 24/7 and don't have another layer 2 switch to test.

            1 Reply Last reply Reply Quote 0
            • dotdashD
              dotdash
              last edited by

              I don't understand what you are trying to do. Why would you need an alias address if you're using vlans? The original question was about adding an alias on the LAN because the network wasn't properly vlan'd…

              1 Reply Last reply Reply Quote 0
              • R
                rickbaran
                last edited by

                We have a web server that has a class of address and we are adding another class to the same server. The ip's that we are getting are not sequential and has a different subnet. On our old software we would add a secondary address to vlan adapter.

                1 Reply Last reply Reply Quote 0
                • dotdashD
                  dotdash
                  last edited by

                  You should just be able to add the VIP in on the WAN interface where the IP is routed, then use the VIP for a port-forward. If you mean you have done this, but the WAN interface is a VLAN and it's not working, then I'm out of ideas. It should work, but I tend to keep my WANs on physical interfaces, so I can't confirm.

                  1 Reply Last reply Reply Quote 0
                  • A
                    agismaniax
                    last edited by

                    @cmb:

                    If you insist on adding multiple IPs on a single interface, see:
                    http://doc.pfsense.org/multiple-subnets-one-interface-pfsense.pdf

                    can i use this setting with OpenVPN enabled?

                    1 Reply Last reply Reply Quote 0
                    • C
                      cmb
                      last edited by

                      @agismaniax:

                      @cmb:

                      If you insist on adding multiple IPs on a single interface, see:
                      http://doc.pfsense.org/multiple-subnets-one-interface-pfsense.pdf

                      can i use this setting with OpenVPN enabled?

                      Yes

                      1 Reply Last reply Reply Quote 0
                      • First post
                        Last post
                      Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.