Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Can pfsense handle multiple real world IP addresses?

    Scheduled Pinned Locked Moved HA/CARP/VIPs
    8 Posts 5 Posters 4.7k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • T
      timreichhart
      last edited by

      Hi Guys
      I just want to know if pfsense can handle multiple real world IP address? if so how do I setup that up?

      1 Reply Last reply Reply Quote 0
      • L
        leoalfa09
        last edited by

        for that you need to use virtual ips

        1 Reply Last reply Reply Quote 0
        • R
          rwebb616
          last edited by

          Is it really just that simple?  I have a rather extensive setup using Endian firewall that I tried to migrate to pfSense last night.  I added my public IPs under virtual IPs as p-arp addresses and then used the nat port forwarding to forward connections on those IPs to certain machines.  I was not using 1:1 nat.  All port forwards on the interface address worked from the outside, but the ones on the VIPs did not.  I ended up shutting down the pfsense box and going back to Endian for now.  I thought I missed something somewhere.

          I am running pfsense on vmware 2.0.  I have verified that all three network adapters can communicate.  I have internet access from the lan and the dmz and the port forwards from the dmz to the internal lan work.  The only problem I'm having is getting VIP port forwards to work correctly.

          Not sure what other information to give.  Any help is appreciated.

          -Rich

          1 Reply Last reply Reply Quote 0
          • T
            timreichhart
            last edited by

            @leoalfa09:

            for that you need to use virtual ips

            What do you mean I need virtual IP's didn't you read what I asked can pfsense handle multiple real world IP addresses?

            1 Reply Last reply Reply Quote 0
            • GruensFroeschliG
              GruensFroeschli
              last edited by

              And he answered: Yes, for that you need virtual IPs ;)

              We do what we must, because we can.

              Asking questions the smart way: http://www.catb.org/esr/faqs/smart-questions.html

              1 Reply Last reply Reply Quote 0
              • T
                timreichhart
                last edited by

                I am asking why I would need virtual IPs for? would it make sense just to do nat 1:1?

                1 Reply Last reply Reply Quote 0
                • GruensFroeschliG
                  GruensFroeschli
                  last edited by

                  When you create a 1:1 NAT rule, you have a dropdown list in which you have to choose which external IP you want to use.
                  You cannot 1:1 NAT the primary WAN.
                  So you need to add somehow your additional IPs to this dropdown list.
                  You do this by creating a virtual IP.

                  We do what we must, because we can.

                  Asking questions the smart way: http://www.catb.org/esr/faqs/smart-questions.html

                  1 Reply Last reply Reply Quote 0
                  • M
                    malcifra
                    last edited by

                    Virtual-IPs term can be deceiving. Its not like your virtual IPs. Virtual IPs under pfsense are public/real world IPs that you can bind on your WAN interface ~~.

                    Ofcourse if you are using internal virtual IPs then you can bind them as well. But to clear the confusion, think of virtual IPs as real world IPs in your scenario.  :D~~

                    1 Reply Last reply Reply Quote 0
                    • First post
                      Last post
                    Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.