Adding 2,000 External IPs to device
-
Hello Guys, 1st post, don't hate. :) Two questions.
I just bought an XG-1540 unit. I need to have all IP addresses assigned to my WAN interface reply to ICMP packets due to ARIN rules. I have about 2000 (8x /24 subnets). Is there a way that I can just do "All"?
Second, I want each outbound request to go through the NAT Pool. If the answer to part 1 is somehow Virtual IPs, how can I have it do for instance anyone internally on 10.0.0.0/24 is Round Robin to any of the 2000 IP addresses.
I really hope this does as the tech who sold me the device said it does.
Thanks,
-
Is there a way that I can just do "All"?
I would think that you could create 8 network virtual IPs, and one ICMP rule on WAN should be enough.
how can I have it do for instance anyone internally on 10.0.0.0/24 is Round Robin to any of the 2000 IP addresses.
I don't know if this is possible.
-
KOM is correct.
I was coming back to update the question.
I added the virtual IPs under WAN, then I added a NAT rule to direct all ICMP to 10.0.0.1 (Internal pfSense IP).
As for the random IPs, I got it working under 1 x /24 but it seems the policy applies first come, first served. When I created a 2nd and 3rd subnet, it only gave me an IP from the 1st policy. Is there a way to round robin/random the NAT Outbound Policies?
-
Seems like you could change the outbound so that each source /24 could use its own /24 from the public pool.
So,
10.0.0.1/24 goes out x.x.0.1/24
then
10.0.1.1/24 goes out x.x.1.1/24
and so on.
Otherwise it's going to count up sequentially for each connection. I could be very wrong since I don't use IP pools for outbound.
-
I added the virtual IPs under WAN
I'm curious what VIP type you chose for this: are you using "Other" or Proxy ARP?