Public IPs on LAN



  • Hi,

    I have several servers configured with public IPs (64.134.15.82, 83, 84, ….).  I need tp put pfsense FW but can't change the IPs of the servers.  Also, all the servers behind the firewall need to talk to each other on mysql, postgres, http ports as they interact with each other.  Please let me know what is the best way to configure the firewall.  Also the two servers I have available for the firewall have only two NICs each.  I need to configure the failover for both.

    Thanks in advance.

    -Vic



  • check out 1:1 NAT. Sounds like that's what you'll want..



  • 1:1 NAT requires putting a private IP on the server and mapping that to a public.
    If you have to leave public IPs on the boxes, you would want a filtering bridge.
    Trendchiller has an excellent doc on this here: http://pfsense.trendchiller.com/transparent_firewall.pdf
    It may be getting a little dated, I haven't done a bridge setup in ages.

    If you have private IPs also, the most common solution is to create a DMZ bridged with your WAN.


Log in to reply