Topics

I can't be that wrong can I?  (Probably....)

My ISP has delivered a CSU type device with my new ARIN addresses 199.180.200.x/24 as well as my V6 block.
The unit has its magic ethernet port whereupon I receive these addresses.  I was HOPING I could :

• Assign a new Internet (PublicIP) to one of the router's spare ports.  Think of this as a second WAN port
• Give the publicIP interface a static address out of that space 199.180.200.1/24

.

• Since the servers behind the router only have one port, I'd have (2) private addresses per host, say 10.11.12.1 and 10.11.13.1
• Create a routing rule that says "Anything 10.11.12.x goes out the default WAN, anything 10.11.13.x gets one-to-one NATed to 199.180.200.x and goes out the alternate WAN[/li 
  

When I try to set up a NAT 1:1, I try to say:

External Interface: 199.181.204.x/24 PublicIP Interface
Internet Interface LAN.address
Type BNAT

I'm not even offered drop-down boxes to enter addresses.

[don't]

The subject says it all --- I've got some pfSense boxes that are working fine, but I want to know what I'm in for if I make the jump to OpnSense.  Things that tempt me are:

• pfSense seems to really want to be a hardware solution these days.  If I wanted that, I'd be buying more Mikrotik WISP equipment
• pfSense seems slow to gain access to newer hardware and support support -- newer LTE modems that appear as ethernet devices and don't support PPP for example
• pfSense truly doesn't like Comcast V6 Business service unless your modem support V6 PD

If I make the jump, what are some things I should watch out for?

• Can I just load my own pfsense configs?
• Does ZeroTier run in bridged-modem
• What standard pfSense modules don't work\
  

Looking for the advicve -- thanks all.