Hello all,
I have a /29 of public IPs from my ISP.
I have production and test web servers that need to be public facing. My production servers go out via the normal WAN interface. I have begun to setup the test servers and setup a virtual IP in OPNsense, using another of the public IPs. I have setup NATs and firewall rules, which are attached. When both the prod and test rules are active I cannot issue SSL certificates to either the prod or test servers.
Does anyone know what I am doing wrong? I need both test and prod rules running.
Thanks,
Steve
Out of curiosity, why the indirection? As opposed to simply assigning one or more public IPs to each server. Are you overloading your public address space?
The automatic "<interface> address" alias resolves to *all* addresses on that interface. Create manual aliases for each individual address and use these.