NAT and ISP Subnet when load balancing on pfSense?
-
I have a pfSense box that I'm trying to plan the configuration for. I am going to be load balancing two ISPs, each with their own /29 static IP subnet. The question I have is in relation to the way those IPs are associated with workstations on the local network.
Currently I have some workstations with local (192.168.1.0/29) IP addresses, and other more complicated workstation setups have their own public IP address. Some of the more complicated systems have a NAT 1:1 configuration where I forward a public IP address to a local IP address. Others, however, are directly on the ISP subnet and cannot be seen on our local network.
Is this configuration possible with pfSense? If so, what terms should I be looking through the documentation for?
Here is a simple/brief diagram of what I am trying to achieve.
-
This should all be possible. Bridging the LAN to a bridged WAN should be possible I am told, but I did not manage to get it working.
The issue is that in your diagram you lump all your devices together. You would need a separate physical interface for each subnet, or even better a VLAN-capable switch. It seems to me you need 2 WAN interfaces and 3 VLANs inside your network.
-
The pfSense appliance has 4 LAN ports available and it will be connected to three 42-port VLAN-capable switches. Is it best to design it as a router on a stick, or to connect each VLAN to a pfSense LAN port?