Converting from 4 DD-WRT routers to a single pfSense

  • We have a site that has slowly grown from one to four routers, each with a different static IP from our ISP.  Each router generally services a different type of work: office connectivty, main web site, support web site and a remote support server.

    We are finally replacing them with a single instance of pfSense.

    On a prior install we had defined a second static IP for the site as a virtual IP, adjusted tee port forwards and all worked fine. This site was a bit simpler - just office internet access with web server and a separate remote backup server.

    For this site it seems that just defining 3 virtual IP's for the additional 2nd, 3rd and 4th static IP addresses is the least disruptive to our internal network.

    Is there a better approach? Or as usual is it one of those "it depends" questions?

    Thank you - Richard

  • Rebel Alliance Developer Netgate

    If all of the IP addresses are in the same WAN subnet, then using Virtual IP addresses and some manual outbound NAT rules will let you have the same sort of setup you had before where certain internal groups leave via different WAN IP addresses.