How can I setup NAT with multiple public IPs (/29 subnet) on pfSense?

subnet routing local-area-network pfsense wide-area-network

Our ISP provides a /29 subnet which includes the following IPs:

Network Address: 199.1.1.0
Router/Gateway Address: 199.1.1.1
Usable IP addresses: 199.1.1.2 - 199.1.1.6

I would like each of the 5 public IPs to have their own network (NAT), so for example the 199.1.1.4 public address could have the internal network 192.168.7.0, and public address 199.1.1.5 could have the internal network 192.168.8.0.

I've attempted to set this up using Virtual IPs (IP Alias), 1:1 NAT, Outbound NAT, Gateways, multiple LAN interfaces, VLANs, etc. but so far only the 199.1.1.2 public address ever seems to be used. I'm not sure how to setup pfSense 21.05.2 to use these public IPs as different internal networks.


Solution 1:

I was able to get this working. It involved creating VLANs so the specific ethernet ports could be assigned, creating Virtual IPs (IP Alias type), and creating port forwards and firewall rules which referenced the Virtual IPs. NAT didn't need to be configured.

Related

Zabbix server port 10051 is blocked in firewall and need to use only 80 port
How do i know if my domain/subdomain was digged by someone with any DNS dig tool? [closed]
What exactly does "system managed size" mean for a Windows pagefile?
Ethernet patch or crossover router to router [closed]
Patch panel confessions
Tracing network RJ45 / RJ11 cable from user desk to patch panel backend
Cable management between multiple racks
gigabit ethernet to single mode LC fiber
Tracert consistently shows packet loss at same router hop
mTLS: restrict client cert to specific subdomain?
Getting game console LineIn audio in Macbook Air M1 2020
Converter between MagSafe 1/2 and MagSafe 3