4. MultiWAN port redirect question

MultiWAN port redirect question

  • E

    I have a multi-WAN upgrade situation that I’d like some advice on if possible - here’s the situation:

    We have a static IP /27 cable network with a web server, DNS host and FTP server on a couple of IP addresses, and a mail server on the internal LAN accessible from outside via a port redirect rule and virtual IP address.

    We have a second WAN (dsl) that is just a backup for the main WAN (3Mb/300k) and handles non-essential traffic.

    This afternoon we installed a third (faster/cheaper) cable network connection with a single IP address and I’d like to move the services above from the /27 network to the new single IP network - but I don’t want any downtime and so I’d like to have them all accessible on both WANs while the DNS changes propagate and the mail server generates a “reputation” with the new IP address before I pull the plug on the old (slow/expensive) /27 network.

    All three WAN connections are currently functional and connected to pfSense.

    There are no port conflicts with having all these services on a single IP address - am I likely to create problems if I duplicate the port redirects on both cable WANs for a few weeks?

    NB: Networking is not my day job, I’ve been using pfSense for a long time but don’t consider myself anything more than a firewall amateur - I can get most things to work … eventually...

    0
  • C

    If you do a NAT redirection for more than one WAN, to the same lan target there must be no trouble. To my eyes, is like put 2 front doors to a house, for ones it must be lame, but for others there are very nice beneffits.

    The problem goes if in the same WAN create a NAT using the same IP and he same port for two different targets on the lan.

    Try it, do some test when the trafic is at its lowest if you feel unconfortable and, when you are ready, go for it  8)

    Regards

    0
  • E

    This is going to be a temporary arrangement while we transition to the new IP address and network - the new 60Mb/10Mb network will cost us about $100/month whereas the existing 3Mb/300kb network is costing nearly $300/month.  So we're just in it for the money.

    0
 

Products

Applications

Support

Services

News

Resources

Company

Our Mission

As host of the pfSense open source firewall project, Netgate believes in enhancing network connectivity that maintains both security and privacy. We also believe everyone should be able to afford it.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive for past announcements.

© Copyright 2002 - 2019 Rubicon Communications, LLC | Privacy Policy