4. CARP, 1 VIP on LAN side, but separate WAN IPs + incoming portmapping

CARP, 1 VIP on LAN side, but separate WAN IPs + incoming portmapping

  • P

    Hello!

    I have a question: Is it possible for two pfSense boxes to act as Virtual Gateway on the LAN side, but still two separate IP addresses on the WAN side, each with its own portmapping?

    The situation is as follows:

    • I have two Public IP Addresses, let's say 1.5.7.3 and 1.5.7.4
    • There will be 10+ servers on the LAN side, private subnet 192.168.1.0/24
    • I can procure another private subnet for CARP between the pfSense boxes 192.168.2.0/28
    • All servers and the 2 private networks are virtualized over VMware cloud
    • 1.5.7.3:80 is to be mapped to 192.168.1.24:80
    • 1.5.7.4:80 is to be mapped to 192.168.1.29:80
    • 1.5.7.3:53 is to be mapped to 192.168.1.18:53
    • 1.5.7.4:53 is to be mapped to 192.168.1.19:53
    • Various other ports between 50'000 and 59'999 are mapped to port 22 of the internal servers, identically on both pfSense

    I want the pfSense boxes to act as virtual gateways to the internal servers, i.e., 192.168.1.1 is a Virtual IP shared by the 2 pfSense boxes.

    Is my configuration possible?

    Thanks beforehand.

    PS: I am currently using pfSense 1.2.3.

    0
Locked
 

Products

Applications

Support

Services

News

Resources

Company

Our Mission

As host of the pfSense open source firewall project, Netgate believes in enhancing network connectivity that maintains both security and privacy. We also believe everyone should be able to afford it.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive for past announcements.

© Copyright 2002 - 2019 Rubicon Communications, LLC | Privacy Policy