routing multiple public ips behind the firewall to servers
-
how can i route my extra public ip adresses i have from my isp?
i tried many tutorials but none seem to work i need the public ip to be routed inside the network so behind the firewall so i can assing it to my servers and vms. -
@pandacraft
You want to have the public IP behind pfSense or forward them to your internal devices by doing NAT? -
i want to be able like right now to set the public ips directly in the server as static ips
-
@pandacraft said in routing multiple public ips behind the firewall to servers:
i want to be able like right now to set the public ips directly in the server as static ips
Keeping this simple you could 1:1 NAT
-
and how would i do that? since i tried it and it didnt work but maybe i did it wrong
-
@pandacraft said in routing multiple public ips behind the firewall to servers:
and how would i do that? since i tried it and it didnt work but maybe i did it wrong
Check out Netgates explanation:;
https://docs.netgate.com/pfsense/en/latest/nat/1-1.html -
@pandacraft
1:1 NAT is even network address translation, which means you have your public IP assigned to the router (or at least routed to it by your ISP) and your internal servers are within another network segment.
That is the recommended way though, but the server will not have a public IP assinged, it is forwarded to them. That's why I asked hat you really want. -
Rn we have no router just straight to the outside world with our servers so ye but we want pfsense for the vlans and dhcp and some mo itoring and be able to block ips when they use too much internet etc
-
@pandacraft
pfSense is a router. If you want to have your servers in separated VLANs you to separate them from the internet anyway. So go with NAT.NAT 1:1 translates a public IP or a network range to an internal IP or network range and also the other way round.
When you do simply port forwarding it translates only one way (mostly public to private). For the other way the outbound NAT is responsible. By default pfSense translates any upstream traffic to the WAN interface address, but you may also add your own rules for other behavior. -
I need the public ips working inside the network
Otherwise my clients would be confused with ips etc and how do big hostings and isp that then they can route public ips etc -
--> https://docs.netgate.com/pfsense/en/latest/recipes/route-public-ip-addresses.html
-
i need the traffic of the public ips on he same phisical port and it needs to work with multiple vlans
-
@pandacraft said in routing multiple public ips behind the firewall to servers:
i need the traffic of the public ips on he same phisical port
On pfSense? Still not clear, what you want to achieve exactly.
However, all provided solution don't interfere with VLANs. But don't know, what you want to aim with the VLANs in this context. Maybe a drawing of your aspired network setup can clarify it.Is the extra public IP routed to the primary by your ISP?
-
yes the public ips are routed by our isp i can directly set the ip in linux as static and i have internet. we are in the datacenter
-
@pandacraft
So you can implement the solution in the link above provide by @ptt. Only drawback is that you need to use one IP out of the extra range as gateway. -
@viragomann how would i do that over the same port as the dhcp etc etc
