Topics - jwtoler

#1
17.7 Legacy Series / NAT Outbound Issue
September 27, 2017, 09:32:14 PM
I have 5 public static IPs assigned to me from my ISP. The modem they provide requires each IP to have a unique MAC address - so I created the appropriate Virtual IPs using CARP. My end goal is to have it set up the way it was when I was running pfSense (I wanted to switch and give this a go). With pfSense, I had my LAN (10.0.1.0/24) which had 3 web servers running in the LAN NET. All 3 servers need to have ports 80/443 open so I assigned the CARP IPs to just one IP address/server in the LAN NET and everything was working after applying the appropriate rules, etc. So I was trying to replicate my setup w/ OPNsense and below is a rundown of what I have going on currently:

Server #1 would have a public IP of X.X.X.21 (CARP) and a private IP of 10.0.1.5
Server #2 would have a public IP of X.X.X.22 (CARP) and a private IP of 10.0.1.6
Server #3 would have a public IP of X.X.X.23 (CARP) and a private IP of 10.0.1.7
Everything else on the LAN would have a public IP of X.X.X.20 and a private IP range of 10.0.1.50-10.0.100

With OPNsense... when I try to go create the Firewall:NAT:Outbound rule to allow the servers to work correctly, I am unable to set the source as a single host. I enter 10.0.1.5/24 and when I hit save it ends up changing the source to be 10.0.1.0/24, which of course makes my whole LAN have the same public IP X.X.X.21 instead of the server having X.X.X.21 and everything else having X.X.X.20.
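
Why the saved source turns into 10.0.1.0/24, shown as an added example that is not part of the original post and not OPNsense code: a /24 prefix masks off the host bits, whereas a single host is written with a /32 prefix. The sketch assumes first-match rule evaluation, uses 203.0.113.x as constructed stand-ins for the post's X.X.X.x addresses, and all function names are hypothetical.

```python
import ipaddress

def normalize_source(text):
    """Network a firewall would store for an 'address/prefix' source entry."""
    # strict=False masks off host bits, the normalization the post observes.
    return ipaddress.ip_network(text, strict=False)

def has_host_bits(text):
    """True when the entry names a host but its prefix covers a wider network."""
    iface = ipaddress.ip_interface(text)
    return iface.ip != iface.network.network_address

def build_rules(entries):
    """entries: (source_text, translation_ip) pairs in evaluation order."""
    return [(normalize_source(s), ipaddress.ip_address(n)) for s, n in entries]

def translate(rules, host):
    """First matching rule wins (assumed model); None when nothing matches."""
    addr = ipaddress.ip_address(host)
    for net, nat in rules:
        if addr in net:
            return str(nat)
    return None

# Constructed rule sets. AS_ENTERED mirrors what the post typed in;
# HOST_RULES uses /32 sources for the three servers, then a LAN catch-all.
AS_ENTERED = [
    ("10.0.1.5/24", "203.0.113.21"),
    ("10.0.1.0/24", "203.0.113.20"),
]
HOST_RULES = [
    ("10.0.1.5/32", "203.0.113.21"),
    ("10.0.1.6/32", "203.0.113.22"),
    ("10.0.1.7/32", "203.0.113.23"),
    ("10.0.1.0/24", "203.0.113.20"),
]

def report(entries, hosts=("10.0.1.5", "10.0.1.6", "10.0.1.7", "10.0.1.50")):
    """Map each LAN host to the public address its traffic would leave from."""
    rules = build_rules(entries)
    return {h: translate(rules, h) for h in hosts}

if __name__ == "__main__":
    print("10.0.1.5/24 is stored as", normalize_source("10.0.1.5/24"))
    for name, entries in (("as entered", AS_ENTERED), ("host rules", HOST_RULES)):
        flagged = [s for s, _ in entries if has_host_bits(s)]
        print(name, report(entries), "entries with host bits:", flagged)
```
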