Passing Public IP to server Behind PFsense (NO NAT)



  • I apologize if this question has already been asked, but I have search high and low for a solution to this for about a week.  And I am now posting here as a last resort.

    An application required for one of our production servers requires Public IPs be assigned directly to it.  It cannot use Private IPs with public aliases/VIPs.

    I should say that I was able to get it to work using Virtual IPs and some fancy loopback rules on the Server, though this is not Ideal for me.  I do not want to have my production server handling routing, and instead would prefer to have the Public IPs passed to it directly.

    I have two Public subnets, I will using Dummy ones to for ease of communication:

    172.20.20.136/29
    172.20.21.224/28

    Gateway to internet 172.20.20.137
    172.20.20.138/29 is the WAN IP

    I am unsure if I was on the right track, but I was able to set up a Public IP VLAN (10) on the LAN, and set its Ip to 172.20.21.226.  I then went to the Server, and was able to correctly configure it on VLAN 10 and give it an IP of 172.20.21.230/28

    After setting up the appropriate rules, and some luck, I was able to get internet access from the Server.  The problem was it was NATed, and doing a IP check, found that it was using the 172.20.20.138  Address as its Public source.

    Unfortunately it does not seem there is much information on the Web About this problem, or at least it is not common.  Most solutions I see from my searches give me answers using NAT or Virtual IPs or port forwarding.  I would like to stress again, that the whole reason for this is to AVOID the server using any Private IP Addresses.

    Also Please feel free to relocate this thread as needed.

    -Carl



  • Anyone?



  • Ok, so upon further digging, it appears Bridging may be my answer.

    I will be trying this out shortly, and hopefully will be able to utilize VLANs with this.


Log in to reply