Second public IP on the same firewall

[openasapce]

Hi.
I need to add a second public ip to the firewall and perform a nat 443 to internal VPS on proxmox.

The firewall already have a  public ip and 443 is already used by another service.
How to do this? I can't find in the manual.

Any advice?
Thank you.

[Maurice]

How to do this? I can't find in the manual.

https://docs.opnsense.org/manual/firewall_vip.html

[openasapce]

Really thank you.
Last question, obviously i need to add a virtual card on the firewall? it can't work on the same network card?

[Maurice]

You can add multiple IP addresses to a single interface, that's exactly what virtual IPs are for.

[openasapce]

Thank you, but using proxmox and Hetzner servers I need to create a separate MAC address for the new ip address to correctly route it to the right vps.

To do this I need to add a virtual ethernet card with this mac address, therefore assign the public Ip to the device.

I have added the virtual ethernet card to opnsense, assigning the mac address on proxmox, therefore added the net device to opnsense with the right ip.

Opnsense now have 3 virtual ethernet:
- 1: WAN public ip
- 2: LAN private ip with nat to internal virtual servers.
- 3: second Public IP that i want to nat on 443 port to a internal 443 to a VPS within the LAN private network (2).

I have set the NAT on the (3) secondo public ip device, but i see that any incoming traffic to this ip is dropped by opnsense.

Where I'm wrong?

[openasapce]

I don't know why, but after a reboot the nat was applied and the second ip on the dedicated virtual ethernet works correctly.