Public IP on LAN/OPT Interface
This should be a pretty basic configuration however I am missing something. Note: I am currently working in a lab, production is a month out.
I need to use static public IPv4 addresses on the LAN/OPT interface.
Internnet –-> Switch <--> PFsense <---> Switch <---> eth 0 (Server) Public IP
<------------------------------------> eth1 (Server) Public IP
With both NIC up I can ping both public IPs. If I turn eth1 off, everything goes down.
Looking at the routing table, I have determined the problem is the system cannot access the public gateway (its using eth1 for this route). When eth1 is up, all traffic from eth0 pass pfsense.
Some questions I know I will be asked:
- Firewall > NAT > Outbound = Manual Outbound NAT rule generation (AON - Advanced Outbound NAT)
- No virtual IPs are created. I have read people doing this, but I don't think it's where my problem is
- LAN is using a public IP and public gateway (different subnet than pfsense)
I think the answer here is a static route, maybe...
The goal here is to be able to block ports on the outbound but also easily be able to remove the restriction per IP as needed.