OPNsense Forum

Archive => 17.7 Legacy Series => Topic started by: jembox on October 06, 2017, 01:22:08 am

Title: NAT outgoing traffic to several public IPs (manual outbound NAT pool)
Post by: jembox on October 06, 2017, 01:22:08 am
- ISP provides 5 static public IPs for the WAN
- Basic firewall to NAT office web browsing
- Office LAN 192.168.0.x/24

On a typical firewall the outbound traffic NATs to the one IP of the WAN interface. In a very large office network it is best to NAT outbound traffic to multiple WAN IPs. There are two ways to do this:

Option 1: NAT based on source rules (IP range 192.168.0.1 thru 50 NAT to WAN IP 1 of 5 etc.)
Option 2: Auto NAT each new session to one public IP from a pool of WAN IPs (round-robin outbound NAT pool)

I have looked at the docs for OPNsense and pfSense and cannot get 'option 2' working. I tried creating virtual IPs, or proxyarp, or host alias and assigning them to manual outbound NAT in the 'translation' selection and 'round-robin' in the pool selection. For some reason I always get the default behavior (NAT to main WAN interface IP).

Has anyone done this?