Home
Help
Search
Login
Register
OPNsense Forum
»
Archive
»
22.7 Legacy Series
»
HA with port forwarding question. IP Alias?
« previous
next »
Print
Pages: [
1
]
Author
Topic: HA with port forwarding question. IP Alias? (Read 1431 times)
loganx1121
Full Member
Posts: 123
Karma: 0
HA with port forwarding question. IP Alias?
«
on:
January 18, 2023, 12:18:23 am »
So I'm kind of wondering what the IP Alias virtual IP is actually used for in a real world scenario and I'm wondering if it's for what I'm trying to do.
I have a Public IP space from my ISP, let's call it 192.168.1.1/27 for the sake of argument. Within that space, I have port forwarding setup and I've made firewall alias's to assign servers to Public IP's within that space. My connection with the ISP is a direct connection, meaning I'm not routing over some interim network to get to them, I just point at the gateway they gave me.
So if my primary firewall goes down, or I fail it over manually, will those port forwards still "just work", or is this where I would define the public IP of these servers as an "IP Alias" in the virtual IP's?
Logged
Greelan
Hero Member
Posts: 1028
Karma: 72
Re: HA with port forwarding question. IP Alias?
«
Reply #1 on:
January 18, 2023, 03:25:03 am »
IP Aliases are to assign additional IPs to interfaces on OPNsense. For example I use them to configure IPv6 ULAs
Logged
FraLem
Jr. Member
Posts: 83
Karma: 2
Re: HA with port forwarding question. IP Alias?
«
Reply #2 on:
January 18, 2023, 06:37:20 am »
Quite useful as well for 1:1 NAT
Rgds
Logged
loganx1121
Full Member
Posts: 123
Karma: 0
Re: HA with port forwarding question. IP Alias?
«
Reply #3 on:
January 18, 2023, 03:50:35 pm »
Quote from: FraLem on January 18, 2023, 06:37:20 am
Quite useful as well for 1:1 NAT
Rgds
I guess I'm not understanding. Why would this be useful for 1:1 NAT? Wouldn't the NAT by itself function?
Logged
FraLem
Jr. Member
Posts: 83
Karma: 2
Re: HA with port forwarding question. IP Alias?
«
Reply #4 on:
January 21, 2023, 08:02:46 am »
Should you require to full expose some of your equipment on your LAN network (lest say X.X.X.10..20) fully to your WAN network, (Y.Y.Y.210-220), then you would assign these IP Alias to your WAN interface and add a 1:1 NAT rule Y.Y.Y.210 -->X.X.X.10 and so forth.
The above mentioned LAN devices would be fully reachable from your WAN Network.
Hope it helps to clarify the application.
Regards
Logged
Print
Pages: [
1
]
« previous
next »
OPNsense Forum
»
Archive
»
22.7 Legacy Series
»
HA with port forwarding question. IP Alias?