Need some guidance on configuration



  • I have a fresh pfSense 2.1 install going and I'd like to put it into a rack that has just been provisioned. I have a single network drop and CIDR /27 range of IP addresses coming through it. I'd like pfSense to take these IPs and be able to route specific ranges of them to different servers inside the network. I see several things that look promising, but I'd like some tips on best practices / approaches for this. Any help is welcome!



  • I use CARP VIPs for 2 reasons. It is better than ProxyARP in some ways, and in the future, I can setup clustering without have to redo IP alias or ProxyARP. If you are never going to cluster, then IP alias VIPs would be the way to go IMO. Once you have the VIP setup, then you can setup NAT and the rules. There is 1:1 NAT or port mapping. port mapping allows for potentially more internal servers as you can put different ports on different servers. There is a book and a document repo that you can use to help you with the setup.


Locked