Thread Info
  • State Verified Answer
  • Locked Locked
  • Replies 6 replies
  • Subscribers 27 subscribers
  • Views 1531 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Bypass / Bind public ip to physical Port

Fabrizio Cocco

Hi

We have to archive a little bit a special config. 

We do have multiple IP on WAN interface, we defined this with alias. As far as good. But now we have to bypass the traffic from one of these ip's direct to another physical port. No Filtering on this IP and correct natting. Best would be if the device on the other port has to set the public ip as the own ip. 

What is the ways to do this?

PS: In General, does anyone have a good tutorial how to set the masq for different subnets using different ip addresses when web surfing...



This thread was automatically locked due to age.
Parents
  • FormerMember
    0 FormerMember

    Hi ,

    Thank you for reaching out to the Community! 

    First of all, what is the current firmware version on your firewall? 

    If you have multiple internal networks, you could configure firewall rules with different source networks and required web filtering policies. 

    If your firewall is on SFOS v18, you need to create the MASQ rule separately and use a different alias IP address for each internal network. 

    For example, In the following screenshots, I have created an internal network 172.16.16.16.0/24 and MASQ rule to use 1.1.1.1 as an outbound IP address. 

    However, you can configure different web filtering policies for each internal network and use them with the firewall rules.  

    Thanks,

  • 0 in reply to FormerMember

    Hi, thanks the second pictures was the resolution. It was not clearly to me before to translate the outgoinh with the SNAT.

    Half of the way is done ;-)

    Yes i'm using SFOS 18, newest release. 

    We do have multiple IP with Aliases on our WAN Port. I do have on Port 5 another Router from another subcompany. Is it possible to give the router one of the public ip adresses, so the router from the subcompany has the real public ip on theire device as WAN ip?

  • FormerMember
    +1 FormerMember in reply to Fabrizio Cocco

    Hi ,

    It is not good to configure two interfaces with an IP address from the same network; it will cause routing issues. 

    Thanks,

Reply Children
No Data