Multiple Wan IP to multiple servers using same ports



  • I thought I would post this for anyone else that has tried to do the same thing with 2.1 and fought it.

    What I needed to do was forward traffic on the same port to different internal addresses.  I have 2 wan ips going to 2 servers both using port 80

    Ex.

    77.33.44.55:80 to 192.168.0.5:80
    77.33.44.56:80 to 192.168.0.6:80

    To accomplish this I did the following:
    My first IP was already configured as my Primary Wan connection so from there,

    1. set up a virtual IP by going to Firewall> Virtual IPs the click the add button, select the IP Alias radio button, set the ipaddress as 77.33.44.56/32, named it and hit save.

    2. Create 1:1 nat as follows

    Firewall>NAT click the 1:1 tab, click the new entry button then

    Interface > WAN
    External Subnet IP> 77.33.44.56
    Internal IP> 192.168.0.6
    Destination> any
    Description> second wan

    Click Save then click apply

    3. set up port forwarding for each connection setting the destination address as the external wan address as follows:

    For the first wan address that is also my primary wan:
    Interface > WAN
    Protocol > TCP
    Source > any
    Destination> type is single host  address is 77.33.44.55
    Destination port range> HTTP for both
    Redirect target IP> 192.168.0.5
    Redirect target port> HTTP
    Description> nat forward 1

    click save, then click apply

    –For the second wan address:
    Interface > WAN
    Protocol > TCP
    Source > any
    Destination> type 77.33.44.56 (second wan)
    Destination port range> HTTP for both
    Redirect target IP> 192.168.0.6
    Redirect target port> HTTP
    Description> nat forward 2

    click save then click apply

    The key on this was that after creating my 1:1 nat rule, it then showed up as a destination type in my port forwarding rules so what my port forwarding rules are doing is this:

    if the request @ port 80 has an external destination of 77.33.44.55 then forward to 192.168.0.5
    if the request @ port 80 has an external destination of 77.33.44.56 then forward to 192.168.0.6

    There may be a different or better way to accomplish this, but this method seems to work pretty smooth for me, and hopefully it can save someone a few hours of cursing to get to the same end goal


Log in to reply