4. Recommended Public IP Setup for Hosts behind PFSense

Recommended Public IP Setup for Hosts behind PFSense

  • S

    With PFSense 2, what is the recommended setup for public ip for server hosts and client routers behind PFSense?

    Two of my goals of putting them behind PFSense with Public IP address are
    1. all traffic go's thru my traffic shaping
    2. I can use firewall rules to secure hosts/clients

    From my reading/experience, I can use
    1. Bridged Interface to create DMZ
    1. PPPOE Server
    2. private IP and Redirect or 1:1 NAT (running redundant system, would you proxy arp or carp public ip?)
    3. Another way?

    Which setup is preferred/most common that accomplishes my goals?

    I'm not looking for an indepth howto, I have done PPPOE and NAT just want to setup my new router the best possible way.

    0

  • if your public ips are routed through pppoe wan ip you do not need bridge, just routing.

    0
  • S

    I have several blocks of IP's from several providers (3 separate up-links) and was wondering what most people do. My routers use 3 with CARP, and I use PPPOE for one client and have used 1:1 NAT.

    It just seemed that If I bridge to a DMZ interface, I could Traffic Shape and use firewall rules per IP.  Since PPPOE and DMZ both require the client to be on the same "LAN" (VLAN) then I see bridged as "easier", no PPPOE to configure.

    0
Log in to reply
 

Products

Applications

Support

Services

News

Resources

Company

Our Mission

As host of the pfSense open source firewall project, Netgate believes in enhancing network connectivity that maintains both security and privacy. We also believe everyone should be able to afford it.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive for past announcements.

© Copyright 2002 - 2019 Rubicon Communications, LLC | Privacy Policy