Connecting to 2 servers on same port from 2 public IP's

  • I have 2 public IP's a .164/24 and .162 on 2 different servers with router IP's of and trying to use port 80 can this be done. I have defined the .164/24 public IP in the Firewall/Virtual IPs tab



  • LAYER 8

    you can have 2 port forward with different destination address
    for example
    destination x.x.x.164 redirect to
    destination x.x.x.162 redirect to

    but, of course, you can't have a port forward with
    x.x.x.164 to
    x.x.x.164 to
    or you need the package HAProxy that do load balancer and proxy server for TCP and HTTP-based applications

  • It has been suggested by the forum to try NAT reflection, so will be looking into this, It will diffidently be a learning experience, trying to find a Dummy proof document to walk me through it


  • LAYER 8

    NAT reflection refers to the ability to access external services from the internal network
    it has nothing to do with what you asked for

  • LAYER 8 Global Moderator

    So you have 2 different routers.. And 2 different servers - what do your servers use for their gateway?

  • Ok well that is a perfect example of how New I am at this, wanna swing by the house and help me out, so your saying the simple method you described should work, I thought I might need to take a look at what position my rule is in


  • @kiokoman If the method you described here works, I would rather avoid installing yet another application to configure (Possibly wrong) and complicate the trouble shooting


  • LAYER 8 Global Moderator

    You still have not described what your doing exactly... Sounds like to me you have 2 different edge routers (you have 2 pfsense boxes?) And then 2 different servers internally on a shared/common lan network?

    What do your 2 different servers use for for their gateways - does 1 point to one pfsense, the other points to the other for their internet?

    A drawing of your setup would make sure everyone is clear on what you have setup.

    But sure doesn't sound like nat reflection is what your after.. Maybe source natting?

  • I have one server using ProxMox which is using the same gateway of both VM (1) webserver and (2) mail server use the same gateway. the webserver is working fine with public the mail server is not getting it's web interface and can use both are attemping to connect through port 80

    See attached drawing
    Miller Network.jpg

    Pfsense config see attached
    Miller Pfsense.jpg

  • LAYER 8 Global Moderator

    This one on your proxmox - is this doing nat? What your doing is correct.

    I would go through the troubleshooting doc.

    What your doing is fine you can have multiple IPs sending to port 80 behind... I would validate that traffic is actually getting to pfsense wan, and then sending it on... This can be done with packet captures on pfsense, under the diag menu..

    If I had to guess its your proxmox setup - firewall maybe on it? And access from other than your local network?

    Did you setup the vip correctly? When you do a vip, it should be available via your dropdown when you do port portward..



    And the mask should be what your network on your wan is using.. Do you have like a /29 or something? Where this address block is coming from?

Log in to reply