Our ISP provides a /29 subnet which includes the following IPs:

Network Address: 199.1.1.0
Router/Gateway Address: 199.1.1.1
Usable IP addresses: 199.1.1.2 - 199.1.1.6

I would like each of the 5 public IPs to have their own network (NAT), so for example the 199.1.1.4 public address could have the internal network 192.168.7.0, and public address 199.1.1.5 could have the internal network 192.168.8.0.

I've attempted to set this up using Virtual IPs (IP Alias), 1:1 NAT, Outbound NAT, Gateways, multiple LAN interfaces, VLANs, etc. but so far only the 199.1.1.2 public address ever seems to be used. I'm not sure how to set up pfSense 21.05.2 to use these public IPs as different internal networks.

Coder6841
  • What should be the benefit? – djdomi Dec 09 '21 at 18:30
  • @djdomi The intent is to have separate networks so that computers in each network can use inbound ports like 80/443 that are in use on the other public IPs, as well as provide a firewall so those machines aren't directly connected to the internet. – Coder6841 Dec 09 '21 at 19:41
  • Have you read through this Netgate article: https://docs.netgate.com/pfsense/en/latest/firewall/additional-ip-addresses.html – Paul Dec 09 '21 at 21:37
  • @Paul Yes it seems to indicate that it is possible (under the "Single IP Subnet on WAN" section) but it doesn't go through the steps to set that up. – Coder6841 Dec 10 '21 at 21:13

1 Answer

I was able to get this working. It involved creating VLANs so the specific ethernet ports could be assigned, creating Virtual IPs (IP Alias type), and creating port forwards and firewall rules which referenced the Virtual IPs. NAT didn't need to be configured.

Coder6841
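
A pre-deployment check for the layout the answer describes (one Virtual IP per internal network, with port forwards that reference the Virtual IP), added here as an example and not taken from the post or from pfSense. The /24 prefix lengths, the internal host addresses and the sample forwards are assumptions.

```python
import ipaddress

# Addresses from the question.
WAN_SUBNET = ipaddress.ip_network("199.1.1.0/29")
GATEWAY = ipaddress.ip_address("199.1.1.1")

# The asker's two example pairings. Assumption: /24 internal networks
# (the question gives no prefix length).
VIP_TO_LAN = {
    ipaddress.ip_address("199.1.1.4"): ipaddress.ip_network("192.168.7.0/24"),
    ipaddress.ip_address("199.1.1.5"): ipaddress.ip_network("192.168.8.0/24"),
}

def usable_public_ips():
    """Host addresses of the /29 minus the ISP gateway."""
    return [ip for ip in WAN_SUBNET.hosts() if ip != GATEWAY]

def check_forwards(forwards):
    """Return a list of problems in (public_ip, proto, port, target_ip) forwards."""
    problems, seen = [], set()
    usable = set(usable_public_ips())
    for pub, proto, port, target in forwards:
        pub, target = ipaddress.ip_address(pub), ipaddress.ip_address(target)
        key = (pub, proto, port)
        if pub not in usable:
            problems.append(f"{pub}: not a usable address in {WAN_SUBNET}")
        elif pub not in VIP_TO_LAN:
            problems.append(f"{pub}: no internal network assigned")
        elif target not in VIP_TO_LAN[pub]:
            # A forward that crosses networks defeats the separation.
            problems.append(f"{pub}:{port} -> {target} leaves {VIP_TO_LAN[pub]}")
        if key in seen:
            problems.append(f"{pub}:{port}/{proto} forwarded more than once")
        seen.add(key)
    return problems

# Constructed sample forwards; the internal host addresses are hypothetical.
SAMPLE = [
    ("199.1.1.4", "tcp", 443, "192.168.7.10"),
    ("199.1.1.5", "tcp", 443, "192.168.8.10"),  # same port, different VIP: fine
    ("199.1.1.5", "tcp", 80, "192.168.7.10"),   # crosses into the other network
    ("199.1.1.1", "tcp", 80, "192.168.7.11"),   # the ISP gateway, not a usable IP
    ("199.1.1.4", "tcp", 443, "192.168.7.12"),  # duplicate of the first forward
]

if __name__ == "__main__":
    for line in check_forwards(SAMPLE):
        print(line)
```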