Multiple additional WAN ip ranges

[col360]

What is the current best / recommended way to add multiple additional WAN IPs. We are given some extra WAN IP in the form of 2 separate /29.

I want to be able to accept incoming traffic to those IP and direct specific ports to some services living on different internal IPs.

So far I've only managed to do 1:1 NAT to one of the internal IP. However this locks this single extra IP to a single internal IP (1:1) so I can't direct different services to different internal IP. This limit the usability of the extra IPs.

On our old firewall (Sophos UTM) we were able to add the additional IP to the WAN interface and then do 1:1 NAT or port port forward for single port or multiple port to one or more internal IP as needed. Also used masquerading to route out going traffic for internal IP to go via specific public IP.

Thanks.

[bartjsmit]

You can add a proxy ARP for the WAN interface under 'Firewall -> Virtual IPs -> Settings -> Add' to avoid 1:1 NAT tying up your WAN addresses.

Bart...

[col360]

I'm not familiar with ProxyARP however will give that a try.

Thanks.