Configuring Multiple IPs



  • I have been searching through a lot of documentation and posts trying to find out how to configure what I need, and not finding what I need. I am new to pfSense, as well as advanced routers, beyond basic Netgear/Linksys home routers.

    Currently my network is using 4 separate routers, each using a static IP from my single ISP. The routers' LAN IPs are 192.168.5.1, 192.168.5.2, 192.168.5.3, 192.168.5.4, and all are on the same 255.255.255.0 subnet. Each router does its own port forwarding to multiple different servers on the local network.

    I want to consolidate everything into one pfSense router, so I put 8 Ethernet ports into a 1U server (3.0 GHz P4, 2 gigs RAM), which on my first thought was to have a WAN and LAN port for each public IP address. I don't know if that would be the most effective way to configure it or as I have been reading about using virtual IPs would. Everything will be on the same network subnet, I just need the traffic to/from certain servers to be able to go out certain IPs.

    Hopefully someone will have a recommendation on how to set this up the most effective/efficient way, that has set up a similar network. I am probably over-thinking and over-complicating this, and I hope I explained this well enough.



  • What you are describing can be done with VIP or multiple WAN connections. Since the LAN IPs are all in the same subnet, you can use only 1 LAN.
    I think in this case, IP Alias would work the best for you on the WAN. You can then NAT the (be it 1:1 or port forward with manual outbound NAT) IPs into their designated server.
    This is quite common use. I know I use that very scenario in 2 colo DCs. And at my office, and at home.



  • @podilarius:

    I think in this case, IP Alias would work the best for you on the WAN. You can then NAT the (be it 1:1 or port forward with manual outbound NAT) IPs into their designated server.

    Each IP address has multiple servers attached to it. We do port forwarding for 5060, 80, 22 to one server, and then 3389 to another server on one IP address. On the next IP address the same thing, 5060, 80, 22 to one server then 3389 to another. In total I have 7 public IP addresses that each will be associated to 2-3 different servers for port forwarding/traffic. How would I do the NATing for this?

    I am willing to pay someone to go in my router and help me get this set up, I need to get this up ASAP and get a basic understanding of how to configure it.



  • Sounds like a combo of port forwarding and manual outbound NAT.
    Set up IP Alias, CARP, or ProxyARP VIP for each that you are going to use.
    Set up port forwards to forward the traffic into the correct server. Then test to make sure that works.
    Once that is working, then go to outbound NAT. Switch it to manual. At the top (since it works top down) add each server with any port as the source with destination any. Set the NAT Address to the corresponding VIP.
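
Added example, not part of the original thread: a small Python check that models the plan described in the last post (port forwards per VIP, then top-down manual outbound NAT) and reports any server whose replies would leave from a different public address than the one its forwards arrive on. The public addresses (RFC 5737 documentation range), the server LAN addresses and all function names are assumptions made for illustration; the ports are the ones mentioned in the thread.

```python
import ipaddress

# Constructed sample plan: public addresses are RFC 5737 documentation
# addresses, server addresses are hypothetical hosts in 192.168.5.0/24.
PORT_FORWARDS = [
    # (VIP on WAN, destination port, internal server)
    ("203.0.113.11", 5060, "192.168.5.10"),
    ("203.0.113.11", 80,   "192.168.5.10"),
    ("203.0.113.11", 22,   "192.168.5.10"),
    ("203.0.113.11", 3389, "192.168.5.11"),
    ("203.0.113.12", 80,   "192.168.5.20"),
    ("203.0.113.12", 3389, "192.168.5.21"),
]

# Manual outbound NAT rules in list order: (source network, NAT address).
OUTBOUND_NAT = [
    ("192.168.5.10/32", "203.0.113.11"),
    ("192.168.5.11/32", "203.0.113.11"),
    ("192.168.5.20/32", "203.0.113.12"),
    ("192.168.5.0/24",  "203.0.113.10"),  # catch-all for the rest of the LAN
    ("192.168.5.21/32", "203.0.113.12"),  # misplaced: shadowed by the /24 above
]

def egress_address(server, rules):
    """Return the NAT address of the first rule whose source contains server."""
    host = ipaddress.ip_address(server)
    for source, nat_addr in rules:
        if host in ipaddress.ip_network(source):
            return nat_addr
    return None  # no rule matched this source

def check_plan(forwards, rules):
    """Return a list of problems: conflicting forwards and egress mismatches."""
    problems, seen = [], {}
    for vip, port, server in forwards:
        if seen.get((vip, port), server) != server:
            problems.append(f"{vip}:{port} forwarded to both {seen[(vip, port)]} and {server}")
        seen[(vip, port)] = server
        out = egress_address(server, rules)
        msg = f"{server} is reached via {vip} but leaves via {out}"
        if out != vip and msg not in problems:
            problems.append(msg)
    return problems

if __name__ == "__main__":
    for p in check_plan(PORT_FORWARDS, OUTBOUND_NAT):
        print("PROBLEM:", p)
```

Moving the 192.168.5.21 rule above the /24 catch-all clears the reported problem, which is the reason for putting the per-server rules at the top of the list.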

