Navigation

    Netgate Discussion Forum
    • Register
    • Login
    • Search
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search

    How common are IP Aliases on WAN interfaces?

    HA/CARP/VIPs
    3
    5
    1042
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • C
      coreybrett last edited by

      How common are IP Aliases on WAN interfaces?

      I am having a problem with my RCN internet connection.
      I have a /28 network block with my connection.
      On the WAN interface I have 146.x.x.2 assigned and I also have 146.x.x.3, 146.x.x.4, 146.x.x.5 and 146.x.x.6 configured as aliases.
      The reason for multiple IPs is exposing several SSL websites on my internal network via port forwarding.
      Problem is, only the dot 2 address is accessible from the Internet. I know that dot 3 โ€“ dot 6 is working on the WAN side of pfSense by testing with a laptop, but from the Internet they are unreachable.

      I have been trying to explain to RCN tech support that I have 2 โ€“ 6 all assigned to the same interface on the same device, but they seem to think I am crazy for doing so.

      Am I?

      1 Reply Last reply Reply Quote 0
      • jimp
        jimp Rebel Alliance Developer Netgate last edited by

        IP Aliases are very common on WANs in that style of deployment on a single unit (clusters would use CARP VIPs). If you are using them purely for NAT, then either IP Alias or Proxy ARP would be the type used normally in that situation.

        There are some upstream modems/sources that want each IP to have a unique MAC address, which would happen with CARP but not IP Alias. So you might try seeing if using a CARP VIP will work. Such requirements are infrequent, but it's worth trying.

        Remember: Upvote with the ๐Ÿ‘ button for any user/post you find to be helpful, informative, or deserving of recognition!

        Need help fast? Netgate Global Support!

        Do not Chat/PM for help!

        1 Reply Last reply Reply Quote 0
        • C
          coreybrett last edited by

          Thanks for the info. Sorry for the REALLY late reply.

          I ended up dumping RCN because their support was horrible and went back to Comcast which worked fine with IP Alias config.

          If I ever run into this again and want to use the CARP option, would I need to fill in the Virtual IP Password, VHID Group or Advertising frequency when using a single firewall?

          1 Reply Last reply Reply Quote 0
          • johnpoz
            johnpoz LAYER 8 Global Moderator last edited by

            Talk about late? ;)ย  This thread was from 2014โ€ฆ Almost 4 years late... wow.. hehehe

            An intelligent man is sometimes forced to be drunk to spend time with his fools
            If you get confused: Listen to the Music Play
            Please don't Chat/PM me for help, unless mod related
            2440 2.4.5p1 | 2x 3100 2.4.4p3 | 2x 3100 22.01 | 4860 22.01

            1 Reply Last reply Reply Quote 0
            • jimp
              jimp Rebel Alliance Developer Netgate last edited by

              @coreybrett:

              If I ever run into this again and want to use the CARP option, would I need to fill in the Virtual IP Password, VHID Group or Advertising frequency when using a single firewall?

              Yes, you still need to fill that in even if it's a single unit since they are all required parameters to configure CARP.

              Remember: Upvote with the ๐Ÿ‘ button for any user/post you find to be helpful, informative, or deserving of recognition!

              Need help fast? Netgate Global Support!

              Do not Chat/PM for help!

              1 Reply Last reply Reply Quote 0
              • First post
                Last post