How to set different public IP for different zone

hwy17 · March 19, 2023, 3:43pm

I have two public addresses on my WAN interface

Outbound traffic from LAN and DMZ currently goes out / masquerades on address 1

I have port forwarding rules that send WAN traffic arriving on address 2 to a host on my DMZ zone

I would like all hosts on DMZ zone to use address 2 for their outbound traffic / masq.

Let me know if I should show my config in more detail. But I am looking for generic device about how you would set up one zone to use one public IP, and another zone use a different public IP.

hwy17 · March 19, 2023, 4:06pm

This works for one host. Should I just expand source address to cover my entire DMZ network address range? Or is there a better way?

trendy · March 20, 2023, 12:07pm

You need to do Policy Based Routing and you have 3 options:

mwan3 package
pbr package
a set of rules/routes for each internet connection.

From firewall perspective, you can have both interfaces to the same wan zone or different wan/wanb zones. Either way masquerade should be enabled on both.

system · March 30, 2023, 12:07pm

This topic was automatically closed 10 days after the last reply. New replies are no longer allowed.