Menu

Show posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.

Show posts Menu

Topics - jantypas

#1
I can't be that wrong can I?  (Probably....)

My ISP has delivered a CSU type device with my new ARIN addresses 199.180.200.x/24 as well as my V6 block.
The unit has its magic ethernet port whereupon I receive these addresses.  I was HOPING I could :


  • Assign a new Internet (PublicIP) to one of the router's spare ports.  Think of this as a second WAN port
  • Give the publicIP interface a static address out of that space 199.180.200.1/24
.
  • Since the servers behind the router only have one port, I'd have (2) private addresses per host, say 10.11.12.1 and 10.11.13.1
  • Create a routing rule that says "Anything 10.11.12.x goes out the default WAN, anything 10.11.13.x gets one-to-one NATed to 199.180.200.x and goes out the alternate WAN[/li 
When I try to set up a NAT 1:1, I try to say:

External Interface: 199.181.204.x/24 PublicIP Interface
Internet Interface LAN.address
Type BNAT

I'm not even offered drop-down boxes to enter addresses.
#2
The subject says it all --- I've got some pfSense boxes that are working fine, but I want to know what I'm in for if I make the jump to OpnSense.  Things that tempt me are:


  • pfSense seems to really want to be a hardware solution these days.  If I wanted that, I'd be buying more Mikrotik WISP equipment
  • pfSense seems slow to gain access to newer hardware and support support -- newer LTE modems that appear as ethernet devices and don't support PPP for example
  • pfSense truly doesn't like Comcast V6 Business service unless your modem support V6 PD

If I make the jump, what are some things I should watch out for?


  • Can I just load my own pfsense configs?
  • Does ZeroTier run in bridged-modem
  • What standard pfSense modules don't work\
Looking for the advicve -- thanks all.