Adding 2,000 External IPs to device



  • Hello Guys, 1st post, don't hate.  :)  Two questions.

    I just bought an XG-1540 unit.  I need to have all IP addresses assigned to my WAN interface reply to ICMP packets due to ARIN rules.  I have about 2000 (8x /24 subnets).  Is there a way that I can just do "All"?

    Second, I want each outbound request to go through the NAT Pool.  If the answer to part 1 is somehow Virtual IPs, how can I have it do for instance anyone internally on 10.0.0.0/24 is Round Robin to any of the 2000 IP addresses.

    I really hope this does as the tech who sold me the device said it does.

    Thanks,



  • Is there a way that I can just do "All"?

    I would think that you could create 8 network virtual IPs, and one ICMP rule on WAN should be enough.

    how can I have it do for instance anyone internally on 10.0.0.0/24 is Round Robin to any of the 2000 IP addresses.

    I don't know if this is possible.



  • KOM is correct.

    I was coming back to update the question.

    I added the virtual IPs under WAN, then I added a NAT rule to direct all ICMP to 10.0.0.1 (Internal pfSense IP).

    As for the random IPs, I got it working under 1 x /24, but it seems the policies apply first come, first served.  When I created a 2nd and 3rd subnet, it only gave me an IP from the 1st policy.  Is there a way to round robin/random the NAT Outbound Policies?



  • Seems like you could change the outbound so that each source /24 could use its own /24 from the public pool.
    So,
    10.0.0.1/24 goes out x.x.0.1/24
    then
    10.0.1.1/24 goes out x.x.1.1/24
    and so on.
    Otherwise it's going to count up sequentially for each connection.

    I could be very wrong since I don't use IP pools for outbound.



  • @KenBeanNet:

    I added the virtual IPs under WAN

    I'm curious what VIP type you chose for this. Are you using "Other" or Proxy ARP?

