Home
Help
Search
Login
Register
OPNsense Forum
»
English Forums
»
General Discussion
»
Multiple Public IP address - Use without NAT. (PPPoE multiple WAN blocks)
« previous
next »
Print
Pages: [
1
]
Author
Topic: Multiple Public IP address - Use without NAT. (PPPoE multiple WAN blocks) (Read 524 times)
jrdwiz
Newbie
Posts: 2
Karma: 0
Multiple Public IP address - Use without NAT. (PPPoE multiple WAN blocks)
«
on:
May 05, 2024, 06:44:19 pm »
Desired Configuration:
Assign a host with one of the /29 public addresses directly without using NAT. Is this at all possible?
My Configuration:
ISP has assigned me a static /30 and /29 block.
ISP uses PPPoE (GPON Fiber from an ISP still living in the DSL era)
WAN Interface
iPv4 Configuration Type: PPPoE
I'm assigned the /32 ip address via PPPoE with the gateway of 10.10.10.15 (I assume this is the PPPoE server address on the ISP end.)
Virtual IPs:
I have configured the /29 block as an IP Alias under the WAN interface.
NAT, 1:1 NAT, and outbound NAT all function correctly using the /29 addresses.
Any help would be appreciated.
Logged
Patrick M. Hausen
Hero Member
Posts: 6807
Karma: 572
Re: Multiple Public IP address - Use without NAT. (PPPoE multiple WAN blocks)
«
Reply #1 on:
May 05, 2024, 07:02:32 pm »
Assign the /29 block - one address of that with a /29 netmask - to a different interface. Then connect your servers with the remaining addresses (5 of them) to that network. OPNsense will be the default gateway. No NAT, only firewall rules necessary.
«
Last Edit: May 05, 2024, 10:01:39 pm by Patrick M. Hausen
»
Logged
Deciso DEC750
People who think they know everything are a great annoyance to those of us who do.
(Isaac Asimov)
jrdwiz
Newbie
Posts: 2
Karma: 0
Re: Multiple Public IP address - Use without NAT. (PPPoE multiple WAN blocks)
«
Reply #2 on:
May 05, 2024, 09:46:43 pm »
Hi Patrick,
Thanks. That configuration does work.
One issue left - Floating Rules / WAN Rules
The new interface, (assigned the /29), ultimately routes out of the WAN(PPPoE) gateway and is therefor impacted by floating rules assigned to the WAN(PPPoE) interface. I don't want the /29 to be impacted by some floating rule (e.g., GEO IP Block).
The only way I can think to fix this is by changing the destination for inbound rules from ANY to DEFINED SUBNET. And in reverse for the outbound rules. Thus excluding the /29 subnet.
Do you agree or have any better ideas?
Thanks
Josh
Logged
Print
Pages: [
1
]
« previous
next »
OPNsense Forum
»
English Forums
»
General Discussion
»
Multiple Public IP address - Use without NAT. (PPPoE multiple WAN blocks)