Navigation

    Netgate Discussion Forum
    • Register
    • Login
    • Search
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search

    Multiple IP Addresses

    General pfSense Questions
    2
    2
    442
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • R
      rfrisch last edited by

      We recently transitioned to fiber services and they have provided us with the following:

      Routed /30
      Network: x.97.98.4

      /28
      Network: x.97.220.112
      Gateway: x.97.220.113
      Useable: x.97.220.114 thru x.97.220.126
      Broadcast: x.97.220.127
      Size: /28
      Subnet: 255.255.255.240

      We setup the wan of our PFsense box as x.97.98.6, gw: x.97.98.5

      I would like to us the additional 13 static ip addresses for various servers, however cannot figure out how to get them working.
      I currently have port forwarding setup for a single port, 443->10.0.1.149. Perhaps that is causing the problem.

      What I have done:
      Setup a virtual ip: ip alias for x.97.220.115 /28

      Firewall/nat/1:1 : interface: wan, external subnet: x.97.220.115, internal ip: single host 10.0.1.168
      Firewall/rules/wan: interface: WAN, source: any, destination: single host or alias 10.0.1.168
      System/routing/gateways/ secondary gateway (not default) for /28: gateway: x.97.220.113
      System/routing/static routes/ destination network: x.97.220.112 /28 gateway: x.97.220.113

      However I cannot access anything when reaching x.97.220.115 from outside of our network. Internally, the page works.

      1 Reply Last reply Reply Quote 0
      • C
        chris4916 last edited by

        If you assign additional "virtual" IPs to you unique WAN interface, then you will be able to handle, at port forwarding level, different forward rules based on destination IP without having to rely on different port for same URL (e.g.)

        This is somewhat easier than true reverse proxy, with slightly different mechanism.

        It also allows different FW rules depending on destination IP, which also means capability to have different public DNS entries pointing to these different IPs

        well, quite a lot of flexibility  ;)

        Jah Olela Wembo: Les mots se muent en maux quand ils indisposent, agressent ou blessent.

        1 Reply Last reply Reply Quote 0
        • First post
          Last post