WAN with /29 - public IP for one host



  • Hi,

    maybe some one can give me a push in the right direction how this may possible with pfsense:

    Let's say:
    ISP Provide 1.2.3.0 /29
    GW: 1.2.3.1
    WAN1 IF: 1.2.3.2
    LAN IF: 10.10.10.0 /24

    So I want my LAN to use WAN1 as NAT, that's easy and already done.

    But one Machine behind the pfSense should instead of local IP it should have a own WAN IP directly sitting on it's IF - no NAT. So 1.2.3.3 for this Machine. I still want to pass it through pfSense so I can apply e.g. a shaper or have inter vlan routing to my LAN.

    Target should be that this Machine now directly have a interface with 1.2.3.3 and not just a 1:1 or Forward.

    diagram

    Monday I have a lab setup hands on where I can try some things.

    Is it possible to create a VLAN or IF for this Machine and bridge between WAN and this IF/VLAN or are there better ways?

    Thanks for giving some Ideas.



  • @solarizde said in WAN with /29 - public IP for one host:

    maybe some one can give me a push in the right direction how this may possible with pfsense:
    Let's say:
    ISP Provide 1.2.3.0 /29
    GW: 1.2.3.1
    WAN1 IF: 1.2.3.2
    LAN IF: 10.10.10.0 /24
    So I want my LAN to use WAN1 as NAT, that's easy and already done.
    But one Machine behind the pfSense should instead of local IP it should have a own WAN IP directly sitting on it's IF - no NAT. So 1.2.3.3 for this Machine. I still want to pass it through pfSense so I can apply e.g. a shaper or have inter vlan routing to my LAN.
    Target should be that this Machine now directly have a interface with 1.2.3.3 and not just a 1:1 or Forward.

    Do a 1:1 NAT.

    Get a switch or an extra LAN interface and create A DMZ for your special host.

    https://docs.netgate.com/pfsense/en/latest/nat/1-1-nat.html



  • How can I achieve that with your suggestion the Interface of this Machine have the outfacing Public IP not a internal LAN IP?




Log in to reply