Putting WAN IP inside pfSense

  • Right now I have WAN (static IP) on one interface  and LAN with multiple VLAN's on another interface; everything works great.

    Problem is, I have a couple webservers which also have static public IPs (same network as WAN IP) and these share the same native Ethernet connection to my provider via a simple switch (unmanaged). If several people go downloading ISO's or OVF's at the same time, I get no bandwidth on my LAN.

    I would like to use pfSense to shape traffic to these webservers by placing them on a VLAN where they could retain their public IP's. Can I just create a VLAN on the LAN interface and brdge it to the WAN?

  • Yes you could.
    I had some routing problems when using bridge + routing but you can try.

    If you need more options, you can set all public ips at wan and Forward(or balance, or filter) the traffic To internal or dmz servers using:

    • nat

    • pfSense load balance

    • apache+mod_security

    • varnish

    • haproxy

    And then apply traffic shape

Log in to reply