Multiple WAN IP mapped to same LAN IP

  • I'm in the process of replacing a linux based firewall with a pfsense box. The pfsense machine has 2 interfaces, one for LAN, one for WAN. I'd like to expose 4 WAN IP's (for the sake of argument, say 30.x.x.180-183) and use those same IP's internally using the LAN interface. I'd also like a 192.168.0.x network on the LAN interface NATd through the firewall. Ideally, I'd like to restrict the ports that are available on the exposed machines to a relatively small number of ports (HTTP, SMTP, FTP, etc), so I'm assuming port forwarding should do the trick. How about connecting to those machines from the 192.168.0.x network? Do I need to enable NAT reflection?

  • Is it necessary to have public IPs on the servers?

  • Not a strict requirement, but they will be running software that will be licensed to the external IP, so it would make life a lot easier.