Navigation

    Netgate Discussion Forum
    • Register
    • Login
    • Search
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search

    Distribute VIP's to specific LAN users

    HA/CARP/VIPs
    2
    2
    64
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • P
      prk last edited by

      Hello everyone,
      I hope I am asking this at the right forum.
      I am a newbie and this might be a noob questions.

      My internet provider is giving me 5 usable static IP's
      I am successfully able to use internet using the default WAN settings.(something like 103.11.12.14)

      I wanted to know if I can distribute Virtual IP's to users in my network, as in, local IP 192.168.1.10 to 192.168.1.19 tries to access whatismyip.com the public IP for them should show as 103.11.12.99
      local IP from 192.168.1.20 tries to access whatsmyip the public IP it shows to them will be 103.11.12.100

      Another question is if I can make sure that all requests which goes for port 22 (outbound) should always use my Public IP and for all other services it should use Virtual IP.

      Below is the IP range I have got (not exactly same but similar).
      WAN IP
      IP - 103.11.12.14
      Sub net - 255.255.255.252
      Gateway - 103.11.12.13

      Public IP Pool - 103.11.12.96/29
      Network - 103.11.12.96
      Gateway - 103.11.12.97
      Broadcast - 103.11.12.103
      Usable - 103.11.12.98 - 103.11.12.102

      Can somoeone help me on how this needs to be configured.
      Thank You

      V 1 Reply Last reply Reply Quote 0
      • V
        viragomann @prk last edited by

        @prk
        You can do that all with Firewall > NAT > Outbound. Switch it into hybrid mod, then you can add rules to override the default behaviour (masquerading).

        If you strict want to forward a public IP to a certain internal and have this internal IP use that public, you can use NAT 1:1 rules.

        However, before you have to assign each IP out of the additional /29 subnet in Firewall > virtual IPs as type "IP Alias" to your WAN.

        1 Reply Last reply Reply Quote 0
        • First post
          Last post

        Products

        • Platform Overview
        • TNSR
        • pfSense
        • Appliances

        Services

        • Training
        • Professional Services

        Support

        • Subscription Plans
        • Contact Support
        • Product Lifecycle
        • Documentation

        News

        • Media Coverage
        • Press
        • Events

        Resources

        • Blog
        • FAQ
        • Find a Partner
        • Resource Library
        • Security Information

        Company

        • About Us
        • Careers
        • Partners
        • Contact Us
        • Legal
        Our Mission

        We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

        Subscribe to our Newsletter

        Product information, software announcements, and special offers. See our newsletter archive to sign up for future newsletters and to read past announcements.

        © 2021 Rubicon Communications, LLC | Privacy Policy