4 WAN interfaces but within same WAN subnet

gcu_greyarea

@Rico said in 4 WAN interfaces but within same WAN subnet:

https://docs.netgate.com/pfsense/en/latest/book/multiwan/multi-wan-caveats-and-considerations.html

based on the kb article posted by Rico, you could try taking your modems out of bridge mode and enable NAT.

This will depend on which modems you have and connection type.
Most ISP provided modems will do basic routing etc.

You could configure each modem LAN interface for a different subnet in the RFC 1918 Range.

Then create 4 Gateways on pfSense. You'll be doing double-NAT but you may achieve your goal.

pete35

Hmmm. What is the point to have 4 WAN lines to a single ISP Modem? Use one WAN line and disconnect the others. If you need multiple public internet IPs, contact your ISP, they will route it to your Modem, you can configure that as VIP on Pfsense. Only one set of WAN rules to maintain, so this is much easier. You can split your WAN to several different LANs behind the Pfsense, you may use Vlans for that. Use the firewall rules to limit access between that LANs if needed.

gcu_greyarea

@pete35

The way I understand it is that he's got 4 modems ...
But if there's only one modem there's really no point.

pete35

he wrote ... at home .... that will be very unusual to have 4 modems ....

gcu_greyarea

Yeah that would be unusual... Perhaps he's on ADSL and needs the bandwidth ...

NogBadTheBad

@pete35 said in 4 WAN interfaces but within same WAN subnet:

Hmmm. What is the point to have 4 WAN lines to a single ISP Modem?

Maybe the ISP is bonding the 4 WAN lines on the modem, but then you'd only get the single IP address not 4.

toehl001

Thanks for all your great responses!
I guess I will be stuck with only one IP address on my modem, if I don't come up with something weird.. or double NAT or so..

@gcu_greyarea said in 4 WAN interfaces but within same WAN subnet:

@pete35

The way I understand it is that he's got 4 modems ...
But if there's only one modem there's really no point.

I do have 1 modem at home with 4 ethernet ports. Since i turned of the routing function in the modem by my ISP, I get public IPs on every interface I add on the ports (and even on the built in wifi).

@pete35 said in 4 WAN interfaces but within same WAN subnet:

he wrote ... at home .... that will be very unusual to have 4 modems ....

You are correct, this is at home :)

Kind regards,
Tobias

Grimeton

Well,

what about gratuitous ARP on each interface for the IP?

Cannot be that hard to set this up.

https://en.wikipedia.org/wiki/Address_Resolution_Protocol#ARP_announcements

Cu

toehl001

The thing I wanted to achieve is to have 3 public IPs at home for 3 different VLANs.
1 VLAN which is my internal home-network.
1 VLAN which is my server network.
1 VLAN which has my IoT devices.

And what I wanted for example, to open port 80/443 on one public IP to one server and on the next IP to another server.

One thing I have in my mind is also to tunnel the net over VLAN to my ESXI box and setup some virtual pfSense boxes there.. and they can then get a public IP directly from the ISP and then I can it inside to my network.
The server will in this case have 2 NICs, one that is towards the default gw (which is the virtual pfSense) and one that has an IP on my homenetwork.

Grimeton

@toehl001

https://forum.netgate.com/topic/60600/gratuitous-arp-from-virtual-ips/17