VIPs and 2 LANs
-
I am new to pfsense! I have 2.4.0 community and wondered if someone could help me understand how to have 2 LANS, each with their own unique static WAN IP. Traffic isn't expected to route between LANs. I do have 3 ports on my hardware, however I can trunk 1 NIC if that's how people want to guide me.
-
So you just want the traffic from each LAN to appear to exit from a different VIP when it leaves WAN?
You can do that easily with outbound NAT.
1. Add the VIPs if you haven't already, and make sure they work
2. Firewall > NAT, Outbound tab, set it to Hybrid mode and save.
3. Add a rule on that page for the WAN interface, match a source of the first LAN subnet, translation address is your first VIP
4. Copy that rule, change the source to your second LAN, and set the translation address to your second VIPIf you only have one VIP and want to use the WAN address for one of those, you can do that too, just set the translation addresses to be whatever you need/want.
Anything beyond that (like stopping the networks from reaching each other) is up to your local rules on their interfaces, the outbound NAT only controls what happens when their traffic exits WAN.