Configure an - Eight IP Block - from Provider (externally) on vyos router

Hello folks,

I will get an eight-IP block from my provider in the next few days, so I need to configure my VyOS, which functions as a router, with these new external IP addresses, with one modem in front of it.

What could a possible solution look like?

Thanks in advance.

Hello,
Can you provide more information: a network diagram (https://app.diagrams.net/), and the VyOS version and configuration?
Thanks.

Hi.
Usually your provider will give you address settings. Here is a sample config that should get you started.

show interfaces ethernet eth0
 address 22.32.32.1/29
 address 22.32.32.2/29
 address 22.32.32.3/29
 address 22.32.32.4/29
 address 22.32.32.5/29
show protocols static route
 route 0.0.0.0/0 {
     next-hop 22.32.32.6 {
     }
 }

Sorry for the delay, gents, …

nktech, your solution looks like what I need; I will test that.

How or where do I configure what, when I have, for example, multiple 443 services in the backend?

Hi @userx
You mean that you have multiple public IPs on VyOS routers, and multiple web servers in a private network behind VyOS? If that’s the case, you may use multiple dst NAT rules.

@n.fort said it correctly. Use destination NAT rules to route traffic from the public IP to the private IP.
edit nat destination rule 1
set description <description>
set inbound-interface <wan-interface>
set protocol tcp # required when a port is matched
set destination address <one.of.your.public/addresses>
set destination port 443
set translation address <your.private.address/netmask>
set translation port 443 # this is optional if the port the traffic is going to is the same as the destination port above.
Also, remember to add firewall rules. They get called after NAT translation, so the destination address in the firewall is the private address.
If you wish the backend server to have a specific public IP in your range, then use source NAT. The concept is similar to the above, but use source instead of destination, and outbound-interface of the private/LAN interface instead of inbound as in the example above.
Also remember, typically you don’t use port params on source nat rules.

HTH.
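
The destination NAT and firewall steps from the reply above, written out for two backend HTTPS servers, as an added example that is not part of the original posts. It assumes VyOS 1.3-style syntax (later releases changed the firewall and interface-matching syntax), eth0 as the WAN interface, constructed private addresses 192.168.10.11 and 192.168.10.12, and a hypothetical ruleset name WAN-IN; the public addresses come from the sample config earlier in the thread.

```vyos
# Assumptions (not from the thread): VyOS 1.3-style syntax, eth0 = WAN,
# backends 192.168.10.11 and 192.168.10.12 (constructed), ruleset WAN-IN.
configure

# One DNAT rule per public address, so both services can stay on port 443.
set nat destination rule 10 description 'HTTPS to web1'
set nat destination rule 10 inbound-interface eth0
set nat destination rule 10 protocol tcp
set nat destination rule 10 destination address 22.32.32.2
set nat destination rule 10 destination port 443
set nat destination rule 10 translation address 192.168.10.11

set nat destination rule 20 description 'HTTPS to web2'
set nat destination rule 20 inbound-interface eth0
set nat destination rule 20 protocol tcp
set nat destination rule 20 destination address 22.32.32.3
set nat destination rule 20 destination port 443
set nat destination rule 20 translation address 192.168.10.12

# The firewall is evaluated after DNAT, so rules match the private addresses.
# Default drop: only return traffic and the two published services pass.
set firewall name WAN-IN default-action drop
set firewall name WAN-IN rule 10 action accept
set firewall name WAN-IN rule 10 state established enable
set firewall name WAN-IN rule 10 state related enable
set firewall name WAN-IN rule 20 action accept
set firewall name WAN-IN rule 20 protocol tcp
set firewall name WAN-IN rule 20 destination address 192.168.10.11
set firewall name WAN-IN rule 20 destination port 443
set firewall name WAN-IN rule 30 action accept
set firewall name WAN-IN rule 30 protocol tcp
set firewall name WAN-IN rule 30 destination address 192.168.10.12
set firewall name WAN-IN rule 30 destination port 443
set interfaces ethernet eth0 firewall in name WAN-IN

# Roll back automatically after 5 minutes unless confirmed, in case the
# new ruleset cuts off the management session.
commit-confirm 5
confirm
save
```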