How do I set up the WAN with a different gateway than the main Hosting Gateway?

Edhasw

I just hired a hosting with proxmox, and the company gave me a main IP like this 194.152.28.56 with Gateway 194.152.28.1, this is the IP to access proxmox, but additionally, it gave me 3 Ips more similar to these 58.65.125.64 and 210.36.59.145 and 180.56.58.145.

And when I configure the WAN, I use one of the additional IPs for example 58.65.125.64 and when Pfsense asks me for the GateWay, I write it the main Gateway, the main IP 194.152.28.1, but Pfsense gives me an error saying that it is not I can use because it is not from the same subnt.

How can I configure Pfsense with an IP that is different from the main GateWay?

Thank you very much in advance for the help.

Rico

In the Gateway Settings Display Advanced > Use non-local gateway

-Rico

Edhasw

Hi @Rico Thank you very much for answering.

The only place where I find that option is when creating a new Gateway, that option appears under advanced.

What I understand in that case is that I should put the new Gateway here and give that option ok, am I correct?

Derelict

You should not have to.

If the upstream ARPs for the 58.65.125.64 and 210.36.59.145 and 180.56.58.145 addresses, it will know to send the traffic to the right interface. Just add IP aliases for those on the WAN. No additional gateways needed.

If they are routed to you, then you can add aliases for them on the WAN or route them any way you like because they will just arrive on the WAN interface addressed to the MAC address of the 194.152.28.56 interface.

Bottom line is we need to know how those additional addresses are provisioned in order to assist you. The above two scenarios are the most likely ones.

And Net Masks Matter. Please provide them.

Edhasw

Hi @Derelict

Thanks to help me, but sorry I don't understand you
I will explain the situation to see if you can help me

In the hosting I have a Proxmox to mount 3 Virtual machine server, and I got the 3 more IPs from my hosting provider, but the GateWay and main IP are different to the other 3 IPs. the main IPs is only to proxmox and is connected to a one NIC that NIC is the main to get access to internet for all virtual machine.

I tested a 1 Virtual machine with one of the additional IPs and MAC, and I got access to internet, but when I installed Pfsense I did not get access to internet from Pfsense, I test the option 7 in Pfsense to make pin a google.com and I don't get acess to internet.

In a banktest of my home computer, I do a install of Pfsense con VirtualBox and all is Ok, of course at home I have DHCP and that is why it works well, but I understand that it should work well with Pfsense if I have Public IP as is the case with my hosting

Thanks you very much to help me

Derelict

@Derelict said in How do I set up the WAN with a different gateway than the main Hosting Gateway?:

Bottom line is we need to know how those additional addresses are provisioned in order to assist you.

Love to help but we are still no closer to having this information.

What, exactly, did the hosting provider give you regarding the provisioning of these addresses?

What, exactly, did they give you as instructions for putting them to use?

Edhasw

@Edhasw said in How do I set up the WAN with a different gateway than the main Hosting Gateway?:

58.65.125.64

Hi @Derelict

In the Hosting, the IPs an MAC is to access a Internet from the Virtual PCs, throu virtual Bridge atached a the Network Interface

This is I test with Proxmox and Pfsense but not work, don't get access to internet from Pfsense. When make install, I test the option 7 to do ping a google.com and do not have access to internet

But if I install a only a one Virtual Machine with Centos 8 like this, all is ok, I got it access to internet very well

Thanks for helping me, regards

Derelict

OK -

just forget about "additional gateways" for now. They did not specify anything about them.

Make IP alias Virtual IP addresses for the three new addresses like this:

Firewall > Virtual IPs

Add

Make a 1:1 NAT for each VIP to each internal server:

Firewall > NAT, 1:1

Add

Make a firewall rule passing the desired traffic to the INSIDE address of the server (Example for HTTPS TCP/443):

Firewall > Rules, WAN

Edhasw

Hi @Derelict thanks for your help.

I will test your recommendation soon, I had a trouble with hosting, the system crashing and I will have to reset and reinstall

When I can set all good, I will test your recommendation, and I will to continue with this thread.

Thanks you very much