5 dynamic WAN + 5 internal LAN gw



  • Hi.

    Version: pfSense 2.0-RELEASE

    I have my pfSense in a ESXi box and are able to add alot of NICs virtualy.
    And since my ISP gives me 5 external IPs (dynamic) I though I'll use them all!

    My VMware box will provide different services all on the SSL (443) port. So I must give them a separate external IP.

    Each VM will have a different GW spcified so the pfsense could route to correct WAN ip:

    Example:
    10.1.0.250 -> WAN IP 1
    10.1.0.251 -> WAN IP 2
    10.1.0.252 -> WAN IP 3
    10.1.0.253 -> WAN IP 4
    10.1.0.254 -> WAN IP 5

    How can this be made? I have tried adding Gateway to the nics on the LAN side. But it still only use the primary that I specified at installation of pfSense.

    TIA



  • You need manual outbound nat



  • With 5 dinamic wan address you will need a more complex scenario because you can't have 5nics with same gateway.

    You may need one pfsense with source routing behind other 5 pfsenses.

    If your addresses were static, you need just one wan interface and only one pfsense.



  • @marcelloc:

    you can't have 5nics with same gateway.

    But I doesen't try to use the same GW for 5 WAN ips. I have specified the separate internal IPs in my earlier post.
    I have no trouble to install 5 VMs of pfsense, each one equiped with 1 LAN & 1 WAN interface.
    ..but it would be nice to only need to administrate / config only one pfsense.



  • @Metu69salemi:

    You need manual outbound nat

    Than you for the tip!..but:
    I have tried some different settings and it still won't work.
    I have even tried inserted a new rule (on top) telling pfsense that WAN_02 should be used if IP 10.1.30.15/32 (my laptop) tries to access the internet. But it still uses WAN_01.

    ..You are most welcome over a TeamViewer session if you have the time.



  • With one pfsense:

    • configure wans and gateways

    • configure outbound nat(automatic for non complex scenario)

    • create a rule in lan saying that src ip x.y.z.s to any uses wan2 Gw

    • save,apply,test



  • @marcelloc:

    With one pfsense:

    • configure wans and gateways

    I've spent several hours trying to do it right. But without any success.
    My guess is that I fail to understand how to setup a Gateway (placed under Routes right?)
    Any suggestions? When I add a GW i select a WAN interface and the GW says "dynamic" since it is DHCP involved  from the ISP.

    Right so far?



  • When interface is configured via dhcp, Isn't the gateway already applied?



  • @marcelloc:

    When interface is configured via dhcp, Isn't the gateway already applied?

    Yes, true.

    I'm a bit confused since "gateway" can be either the ISP gateway (internet IP) … or it can be my internal computers gateway (that would be a IP on the local 10.1.x.x net)

    Would this scenario be so unique? I mean.. alot of us gets 5 dhcp IPs for "free" from our ISP (at least here in Sweden). And ofcourse you can see the point using them when it comes to different services using the same port (SSL 443 in my case).



  • For your pfsense box, use only isp gateway unles you have other network to reach with some gateway at lan.


Locked