Score:0

How can I set up NAT with multiple public IPs (/29 subnet) on pfSense?


Our ISP provides a /29 subnet which includes the following IPs:

Network Address: 199.1.1.0
Router/Gateway Address: 199.1.1.1
Usable IP addresses: 199.1.1.2 - 199.1.1.6

I would like each of the 5 public IPs to have their own network (NAT), so for example the 199.1.1.4 public address could have the internal network 192.168.7.0, and public address 199.1.1.5 could have the internal network 192.168.8.0.

I've attempted to set this up using Virtual IPs (IP Alias), 1:1 NAT, Outbound NAT, Gateways, multiple LAN interfaces, VLANs, etc., but so far only the 199.1.1.2 public address ever seems to be used. I'm not sure how to set up pfSense 21.05.2 to use these public IPs as different internal networks.

djdomi
What should be the benefit?
@djdomi The intent is to have separate networks so that computers in each network can use inbound ports like 80/443 that are in use on the other public IPs, as well as provide a firewall so those machines aren't directly connected to the internet.
Paul
Have you read through this Netgate article: https://docs.netgate.com/pfsense/en/latest/firewall/additional-ip-addresses.html
@Paul Yes it seems to indicate that it is possible (under the "Single IP Subnet on WAN" section) but it doesn't go through the steps to set that up.
Score:1

I was able to get this working. It involved creating VLANs so the specific ethernet ports could be assigned, creating Virtual IPs (IP Alias type), and creating port forwards and firewall rules which referenced the Virtual IPs. NAT didn't need to be configured.
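An added example, not part of the original answer and not pfSense configuration: a Python check of a planned Virtual IP and port-forward layout before it is entered in the GUI. The `/24` prefix lengths, the internal host addresses and the forward list are constructed assumptions; only the /29, the gateway and the .4/.5 pairings come from the question.

```python
import ipaddress
from itertools import combinations

WAN = ipaddress.ip_network("199.1.1.0/29")    # from the question
GATEWAY = ipaddress.ip_address("199.1.1.1")   # ISP router, from the question

# Constructed plan: public Virtual IP -> internal network (prefix length assumed).
SEGMENTS = {
    "199.1.1.4": "192.168.7.0/24",
    "199.1.1.5": "192.168.8.0/24",
}

# Constructed port forwards: (public Virtual IP, protocol, port, internal target).
FORWARDS = [
    ("199.1.1.4", "tcp", 443, "192.168.7.10"),
    ("199.1.1.5", "tcp", 443, "192.168.8.10"),  # same port, different public IP
    ("199.1.1.4", "tcp", 80, "192.168.7.10"),
]

def check_plan(wan, gateway, segments, forwards):
    """Return a list of problems; an empty list means the plan is consistent."""
    problems = []
    # hosts() excludes the network and broadcast addresses; the gateway is not ours.
    usable = set(wan.hosts()) - {gateway}
    nets = {vip: ipaddress.ip_network(net) for vip, net in segments.items()}
    for vip in nets:
        if ipaddress.ip_address(vip) not in usable:
            problems.append(f"{vip}: not a usable address in {wan}")
    # Internal networks must not overlap, or the segments are not separate.
    for (vip_a, net_a), (vip_b, net_b) in combinations(nets.items(), 2):
        if net_a.overlaps(net_b):
            problems.append(f"{net_a} ({vip_a}) overlaps {net_b} ({vip_b})")
    seen = set()
    for vip, proto, port, target in forwards:
        if (vip, proto, port) in seen:
            problems.append(f"{vip} {proto}/{port}: forwarded twice")
        seen.add((vip, proto, port))
        if vip not in nets:
            problems.append(f"{vip}: forward uses an address with no segment")
        elif ipaddress.ip_address(target) not in nets[vip]:
            problems.append(f"{target}: outside {nets[vip]}, crosses segments")
    return problems

if __name__ == "__main__":
    for line in check_plan(WAN, GATEWAY, SEGMENTS, FORWARDS) or ["plan is consistent"]:
        print(line)
```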
