Navigation

    Netgate Discussion Forum
    • Register
    • Login
    • Search
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search

    Guidance: Single WAN interface with multiple IP, mutiple LAN

    HA/CARP/VIPs
    2
    2
    2197
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • T
      tgjackson last edited by

      I have a Soekris 6501 running pfsense 2.0.3 and plan on using it to be the primary single firewall for my setup.  This will eliminate the 5 devices (Linksys Rv082) I have now handling each subnet (and each bound to one of the public IP's).  I have enough network knowledge to be dangerous.  My switches can handle everything I plan to do.  I am new to pfsense, and like what I see so far in testing.

      Details:

      Business-class cable with a /29 subnet, static IP's.  I have 5 class C networks on the "inside".

      My plan:

      I would like all bind my external IP's to the single WAN interface on the pfsense firewall and use NAT to forward ports where I need them on the inside networks.  Seems like all I need to do is add the IPs to the WAN using VIP, then set up the NAT.

      All LAN traffic would egress the pfsense firewall, meaning each class C would have to have a gateway address on it.  Seems like like all I need to do is define the gateway addresses as VIP and then add them to the VLAN section with the appropriate tag, and configure my uplink to handle accordingly.  I may need to tweak the routing.

      Be able to use SSL VPN or IPSec to get traffic onto one or two of the internal subnets.

      I looked around and found variations on this theme.  I have the pfsense device up and have been testing the pieces, just want to see if anyone has advice to improve things, or prevent any pitfalls.

      I appreciate any information, and please let me know if anything more specific is needed.

      Thank you.

      TJ

      1 Reply Last reply Reply Quote 0
      • A
        AMD_infinium05 last edited by

        Apply Virtual IP on your WAN interface and policy based rules on your firewall?

        1 Reply Last reply Reply Quote 0
        • First post
          Last post