Messages

I have it functioning with a transparent bridge presently, but it complicates things to say the least.

Yeah but that's assigning a private IP to the host machine.  I want the host machine to use the public IP locally.  It's for game servers, so it's important it knows that it's a public machine and not a private one.  But I'd like to be able to filter the traffic too in the firewall.

So you're saying with the 1:1 NAT, I should be able to set the static interface IP on the machine itself as the dedicated internet facing IP, and not have to use a 192.xxx type IP?  I had read I may need another interface dedicated to that /28 to handle that traffic.  If so, can that be virtual or does that have to be a third physical interface?  If it can be virtual, do VLANs need to be involved?

Good morning, I'm hoping someone can tell me the best way to do what I'm doing.  Most of my work with opnsense so far has been experimental, I'm trying to learn how to do all of the things.  I have a full rack in a datacenter with a 10g copper drop.  I have the 10g drop coming into my opensense machine and then my cisco switch is connected on another interface.  I have a /28 of allocated IPv4 space.  Is it possible for me to have a machine connected to the switch utilize one of the dedicated internet facing IPs?  I may have a misunderstanding of how 1:1 NAT works, but I am currently under the assumption I have to assign a local IP on a machine like 192.xxx and then a virtual IP on the opnsense machine.  I want the individual utilizing this machine to be able to have the dedicated IP information in their /etc/network/interfaces file and not have a "LAN" IP there.  Please advise if you would be so kind, thanks!

If having a switch in front of OPNsense with the drop, and them plugged into that switch is the only way, then I understand, but I wanted the option of filtering the traffic for things like country blocks etc...