4. Using /29 - virtual ip's or wan vlan?

Using /29 - virtual ip's or wan vlan?

  • R

    I've done nat fwd rules, and I've used a wan vlan to spit a /29 between 3 different vendor routers - but I've never set it up in pf using virtual ip's.

    (well, once using non routable internal for a ha mockup)

    Is there any particular advantage using vip's - particularly over vlanning it?

    The use case I have in mind at the moment is exposing dns and/or a proxy for road warriors.

    0
  • LAYER 8 Netgate

    You really cannot make an inside interface wwith public addresses with a single /29 on WAN. The best you can do is 1:1 NAT addresses to inside hosts. Some people bridge WAN so they can put hosts on public IP addresses. Not a fan.

    If they were to route another subnet to an address on that /29 you could use that subnet on an inside interface, use VIPs on WAN, or basically do whatever you want.

    0
Log in to reply
 

Products

Services

Support

News

Resources

Company

Our Mission

We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive for past announcements.

© Copyright 2002 - 2019 Rubicon Communications, LLC | Privacy Policy