Routing Gb Ethernet
-
Can one set up a PfSense firewall to route one IP's WAN traffic to LAN1 and the other WAN IPs to another LAN?
EG: IPs assigned from ISP
13.13.13.1-13.13.13.413.13.13.1 <-> LAN1
13.13.13.2-13.13.13.4 <-> LAN2If so, what model should I get. LAN & WAN ports are all 1Gb and truly support a full 1Gb.
-
@dennis100 I've never configured more than a simple single LAN, single WAN home setup. However, I would imagine that you would want to do something like:
- Make the gateway corresponding to the WAN interface with IP 13.13.13.1 your default gateway
- Make a gateway group out of the WAN interfaces corresponding to the IP addresses 13.13.13.2 through 13.13.13.4
- Create firewall rules for LAN2 that set the gateway group created in the above step as the gateway for all traffic coming in the LAN2 interface.
I believe that should pretty much get you to where you want to be, if I understand the question correctly.
-
No you would not create a gateway group. You would just create VIPs for your other IP, then sure you can have any specific client on 1 network use IP .2 and other clients on that same network or a different network/vlan use .3 as their source IP when they nat to the public internet.
But that wouldn't be done with gateway groups. If you had multiple interfaces, pfsense will not allow you to put them in the same network, ie this 13.13.13 wan transit network.
As to what appliance - what budget do you have? The sg-3100 can do gig.. But you might want something a bit more beefy? 4860 (end of sale), 7100? I do believe there are some other models in the works as well that might fit you need/budget.
A bit more about your network and plans for pfsense - running packages like proxy/ips ? etc..
