Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    CARP, 1 VIP on LAN side, but separate WAN IPs + incoming portmapping

    Scheduled Pinned Locked Moved HA/CARP/VIPs
    1 Posts 1 Posters 1.5k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • P
      pepoluan
      last edited by

      Hello!

      I have a question: Is it possible for two pfSense boxes to act as Virtual Gateway on the LAN side, but still two separate IP addresses on the WAN side, each with its own portmapping?

      The situation is as follows:

      • I have two Public IP Addresses, let's say 1.5.7.3 and 1.5.7.4
      • There will be 10+ servers on the LAN side, private subnet 192.168.1.0/24
      • I can procure another private subnet for CARP between the pfSense boxes 192.168.2.0/28
      • All servers and the 2 private networks are virtualized over VMware cloud
      • 1.5.7.3:80 is to be mapped to 192.168.1.24:80
      • 1.5.7.4:80 is to be mapped to 192.168.1.29:80
      • 1.5.7.3:53 is to be mapped to 192.168.1.18:53
      • 1.5.7.4:53 is to be mapped to 192.168.1.19:53
      • Various other ports between 50'000 and 59'999 are mapped to port 22 of the internal servers, identically on both pfSense

      I want the pfSense boxes to act as virtual gateways to the internal servers, i.e., 192.168.1.1 is a Virtual IP shared by the 2 pfSense boxes.

      Is my configuration possible?

      Thanks beforehand.

      PS: I am currently using pfSense 1.2.3.

      1 Reply Last reply Reply Quote 0
      • First post
        Last post
      Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.