Two Public IPs and Two Networks



  • I'm not sure where I should start with this. I have done some searching and haven't found anything on this. If there is, please give me a link.

    So here is the issue:
    I have two public IP addresses.
    I want one to go to a private network on 172.16.2.0/24 and the other to go to 172.16.4.0/24

    I currently have tried using dual WAN and dual LAN ports but seem to get stuck on the fact that my traffic from LAN2 seems to go out on WAN1. I want to have WAN1 <--> LAN1 and WAN2 <--> LAN2.
    These will be two separate networks that I am using for hosting. There should be no access between them.

    I have also tried using a virtual IP for the second Public IP and have the interface set to WAN1. The issue I have been having with it is that I can't get to Public IP #2 from outside of my office.

    My testing so far is with port 80.

    We are looking for the best way to get this setup. What can I do to get this working?

    Thanks Brad



  • Need more info.

    Do you have two different WAN NICs?

    Do you have two (or more) different LAN NICs?

    I have a dual-WAN with two LANs and specify gateways on each LAN for each WAN to ensure that traffic routes the same way. If you don't specify a gateway, traffic will go out the default.



  • I have two WAN NICs and two LAN NICs.

    What is the best approach? I don't care if I only need to use one WAN NIC, but I need the two Public IPs to be forwarded to two separate servers that are on two separate networks.



  • Anyone?? Thanks  :)



  • You can't use two WAN NICs with the same gateway. It'll only route traffic out of the default gateway.

    If you have more than one public IP address that can use the same gateway, you can do it with one NIC, and VirtualIPs and 1:1 NAT routing. (http://doc.pfsense.org/index.php/1:1_NAT) (http://doc.pfsense.org/index.php/What_are_Virtual_IP_Addresses%3F)

    On my WAN2 interface I have a public IP address ...39, and ...40, and ...41.  The ...39 is the LAN2 subnet.  ...40 is a single IP on LAN2, and ...41 is another single IP on LAN2.  I could easily have added another public IP and had that route to LAN1, but in my case I have a completely different WAN connection with a different (different than WAN2) gateway instead.

    Create the one WAN interface and use 1:1 NAT with a VirtualIP.


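The single-WAN, Virtual IP plus 1:1 NAT layout suggested in the last reply, written out as a plain pf.conf-style ruleset together with the "no access between them" requirement from the first post. This is an added example, not configuration posted in the thread or generated by pfSense; the interface names, the RFC 5737 public addresses and the two server addresses are assumptions.

```pf
# Constructed values: interface names, public addresses (RFC 5737 range)
# and server addresses are placeholders, not taken from the thread.
wan_if   = "em0"
lan1_if  = "em1"
lan2_if  = "em2"
lan1_net = "172.16.2.0/24"
lan2_net = "172.16.4.0/24"
pub1 = "198.51.100.10"   # primary WAN address
pub2 = "198.51.100.11"   # second public IP, held as a Virtual IP on WAN
srv1 = "172.16.2.10"     # hypothetical web server on LAN1
srv2 = "172.16.4.10"     # hypothetical web server on LAN2

# 1:1 NAT: each server is reachable on, and leaves from, its own public IP.
binat on $wan_if from $srv1 to any -> $pub1
binat on $wan_if from $srv2 to any -> $pub2

# Default deny, logged so dropped packets are visible.
block log all

# No access between the two hosting networks, in either direction.
block in log quick on $lan1_if from any to $lan2_net
block in log quick on $lan2_if from any to $lan1_net

# Inbound HTTP only. Translation runs before filtering, so these rules
# match the internal destination address, not the public one.
pass in on $wan_if proto tcp from any to $srv1 port 80
pass in on $wan_if proto tcp from any to $srv2 port 80

# Only the two servers may initiate traffic; binat rewrites their source
# address to the matching public IP on the way out of the WAN interface.
pass in on $lan1_if from $srv1 to any
pass in on $lan2_if from $srv2 to any

# Policy is enforced where a packet enters the firewall, so anything
# that was admitted above is allowed to leave on the far side.
pass out all
```

On a system running pf, `pfctl -nf <file>` parses a ruleset like this without loading it, which is a cheap way to catch syntax and ordering errors before applying it.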