Multiple WAN-ip: Use Virtual IP or use second network adapter?



  • I have two external WAN ip-addresses, one ending in .135 en one ending in .136. This I want to NAT as follows:

    x.y.z.135 port 80 –> internal webserver 1
    x.y.z.135 port 25 --> internal mailserver 1
    x.y.z.136 port 80 --> internal webserver 2
    x.y.z.136 port 25 --> internal mailserver 2

    The usual solution I find is to assign x.y.z.135 to the WAN port and make the other ip x.y.z.136 a Virtual IP. Next I can use NAT port forwarding on the new Virtual IP.

    Alternatively, as I am running my pfSense virtualized on ESXi 6, I could also add another network card and have a completely separate WAN interface for the second ip-address. That way I would not need Virtual IP's at all (I think).

    The second solution with an extra adapter seems much simpler to me. Why do I never find that as a suggestion on the Internet or on this forum. Am I overlooking something?


Log in to reply