Multi IP wan / Bridge to different interface.
-
Hello,
I have an embedded pfsense running 2.2.6.
I wish to run a service on RHEL which requires a license and insists on a public ip or registration will fail. Im not overly enamoured by having it internet facing, but I'll trial it and see how it goes.
it is for the above reason I don't believe the standard 1:1 NAT is going to work.I have got an a /30 from my ISP which equates to 4 ips, with 2 being usable + gw and broadcast.
Here is what I've done.
_________________ ____________ _______ _____________
| 60.240.xxx.xxx.3 |WAN PPPOE re0|pfSense |re1|Switch ||192.168.0.1/24|
|| | || || |____ |
| |
additional IPs_ | | ______________
|14.xxx.xxx.24 |_____________| |14.xxx.xxx.25(re2)| 14.xxx.xxx.26 |
| /30| |_____________|I've been reading a ton of forum posts and they all seem to want to use NAT 1:1 and IP Alias's of some sort, because I'm effectively using a transparent bridge for re2, I think it means that i don't need all that. But im curious to know if im on the right track.
In order to achieve the above, I have done the following:1/ Create a new interface assigned to DMZ(re2) and assign the 14.xxx.xxx.25 (Upstream GW = no) (untick "Block Private Networks")
2/ Create a bridge between WAN(re0) and DMZ(re2) interfaces.
3/ Write a WAN rule with a destination of 14.xxx.xxx.24/30 (All Ports)
4/ Write a DMZ rule with a destination,Port, Gateway of *
Is it this simple?
Have I created any risks to the LAN by doing this? - it all seems to be working, just not sure its best practice.
Also it seems I've sacrificed an IP for the interface - is there another way of doing it?Regards
Cam