Setting up two web servers

  • I am trying to set up two web servers behind a 2.1 pfSense machine.

    My ISP gives me four static IPs and a single gateway those IPs connect through.  The first web server is set up using port forwarding.  The first server's external IP is (changed for anonymity) and it forwards to  The part I'm stuck on is trying to get my internal IP translated to

    My WAN address is and I set up a virtual IP for  After reading other posts, I have set up the following outbound NAT rules with manual outbound NAT.

    WAN * * * * NO  
    WAN * * * WAN address * NO Auto created rule for LAN to WAN

    The .205 server can't ping the internet or resolve host names after setting up the virtual IP and outbound NAT rule.  The .203 server works as expected.

    Am I missing something obvious?  I want the second web server protected by the firewall/snort while acting as if it is on the internet address.

    Edit:  Here are my state tables when I try to ping Google's DNS.  First, the working server.
    icmp <- 0:0
    icmp -> -> 0:0

    Next, the non-working server.
    icmp <- 0:0
    icmp -> -> 0:0

    It looks like it should be working.  I'm not seeing any blocked packets in the firewall logs.

  • After sleeping and getting a fresh perspective on it, I found the issue.  In my virtual IP, I read the subnet comment wrong and thought it was a CIDR range instead of a subnet mask.  Changing it from /32 to /29 fixed the issue.  Everything else I did was correct, with the exception of intentionally leaving out the port forwarding rules.

    Hopefully someone else sees this and it helps them figure out how to perform a similar setup.
