Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Using NAT with a VIP ? (2 differents subnets)

    Scheduled Pinned Locked Moved HA/CARP/VIPs
    2 Posts 1 Posters 639 Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • D
      dattik
      last edited by

      Hello,

      I'm a beginner with pfsense, and after several researches; I didn't find any solution for my problem, so I come here…

      Here is my case :

      I created a personal lab with some ESXi..

      I have 2 networks :
      Network 1 = 192.168.2.0/24
      Network 2 = 192.168.100.0/24

      • Each network have a pfsense (.254) for the virtual machines.
      • A VPN site-to-site have been made between this 2 networks (ping are OK).

      Concerning the hosts :
      pfsense (Network1) : 192.168.2.254 (with also a WAN interface)
      mail-server1 (Network1) : 192.168.2.120
      mail-server2 (Network2) : 192.168.100.130

      • The mail servers are currently in Active/Passive state (192.168.2.120 is UP, and 192.168.100.130 is DOWN), so if "mail-server1" shuts down, the IP of "mail-server2" becomes active.
      • I also have some others hosts in the Network 1.

      Here is what I want :
      I though about creating a VIP in Network1 like 192.168.2.140 (that will deserve both of my internal mail servers : 192.168.2.120 and 192.168.100.130).
      And then, I would like to make NAT rules to redirect some trafic (https and mail) TO this VIP, so the trafic will be always redirected to the active host.

      Unfortunately, I don't know how to do that.. :/

      Is there a way to achieve what I want to do ?
      Or another solution with pfsense ?

      Maybe I'm not explaining the case very well, so in case, here is a schema of my need :

      Thx for reading !

      1 Reply Last reply Reply Quote 0
      • D
        dattik
        last edited by

        Problem Solved, I used "haproxy" package of pfsense and it works as needed !

        1 Reply Last reply Reply Quote 0
        • First post
          Last post
        Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.