pfSense & Wan IPs

Chris_sctech · August 20, 2020, 7:34pm

Hi all

Just looking at simpler setup and management of my WAN firewall rules in pfsense. I have a /29 handed down to my pfsense from my ISP!
I have WAN configured as my PPPOE interface which uses my first IP.
I was thinking somehow to set up the 2nd IP etc on separate interfaces so that when it comes to Firewall/NAT rules I can have them separate…at the moment I have the IPs configured as Virtual IPs which works, but means all my firewall and NAT rules live under WAN.
At the moment in my rules, I would have say 443 open then in the destination it would point to a VIP under interface WAN.

Possible to have my rules separate and the IPs live on different interfaces? I imagine I’ll have to assign a new interface and assign it to the same interface as my PPPOE resides, or make WAN my gateway!

Thanks

xMAXIMUSx · August 21, 2020, 12:56am

I know Tom has done a video on this like you are saying you have yours set up.

There is also this documentation for different methods
https://docs.netgate.com/pfsense/en/latest/book/firewall/methods-of-using-additional-public-ip-addresses.html

sdfungi · August 26, 2020, 12:37pm

The only way too get what you want is to place a switch between the carriers modem/router and the pfsense firewall. Then you could run multiple wan interface each with a single IP, which would give you a separate firewall rules space for each interface.