Transparent Filtering, NAT, and DHCP all on the same platform
-
I have a situation where I need to do transparent filtering and NAT on the same pfSense platform.
Transparent filtering: I need to send three routable static IP through the pfSense box, each to a separate physical interfaces. Read the post at https://forum.pfsense.org/index.php?topic=37824.0
The plan is to route the NAT and DHCP traffic through a separate physical interface to a downstream POE switch
Hardware is a SUPERMICRO 5015A-EHF-D525, with an Intel i350-t NIC for LAN. The 1GB port on the motherboard is used for WAN.
Before starting from zero, anyone else have this in a production environment?
-
That guide is way old! But still basically sound.
Are all these IPs in the same subnet? Same as the main WAN IP?
There should be no real issue with what you're planning, I've configured systems like that a number of times.
Steve
-
The WAN IP are all in the same /29, the LAN IP are /8 (10.x.x.x)
-
Ok, I wouldn't anticipate any problems doing that. You can certainly bridge two interfaces and have NAT from a third interface.
As described in that thread it would be common to assign the bridge interface and put the WAN on that complete with one of the public IPs.
Steve
