Link to home
Start Free TrialLog in
Avatar of Vladimir Buzalka
Vladimir BuzalkaFlag for Czechia

asked on

2 public IP addresses in single WAN cable

Dear experts,

I have ISP - 1 cable and 2 public IP addresses X, Y. What router/firewal is able to create 2 independent local LANs where LAN1 will be router via public IP X to internet and LAN2 via public IP2?

Many thanks for your kind advice

Avatar of bbao
Flag of Australia image

choose SonicWALL firewalls with Wi-Fi support such as SOHO 250 or TZ350
As I know all firewall can do what you need and I recommend to choose firewall than router because you can do policies, web filtering, anti-virus, ips, application control and more..

Also as you know those features can improve internet usage..

Based on your business size I prefer to go with fortigate utm firewall

As mentioned above, any respectable firewall (Watchguard, SonicWall, Cisco, Fortigate, etc.) should do what you want.  I've been using pfSense firewall software running on used i5 computers with new (small) SSDs and used 4-port Intel NICs.  I spend about $200 on the hardware and the software is free.  Support is expensive from the software manufacturer, but there is very capable support from the community available.

I've never used it, but others on EE have suggested Untangle as their preferred alternative to pfSense.  Both seem very capable and may be a good alternative, depending on your interests.
Avatar of skullnobrains

Link to home
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
you would have 1 primary public adres. this will be the adres at the outside interface of youre internet connection.
youre provider sends the second adres next-hop to the primary, you need a firewall or router that can do proxy arp.
this will tell the outside interface it had more then 1 adres. then you van make 2 networks with nat you will tell wich ip should be used as source for outbound traffic.
Avatar of skullnobrains

if you go the pfsens way, you would configure outgoing NAT on both interfaces and use policy routing in order to divert the traffic to the required gateway. the route can be configured at the system level based on source address or in each corresponding firewall rule. pfsense will pick the IP address based on the interface.

many other products ( and actually pfsense as well ) will allow to create separate NAT rules for each network and use the interface's gateway. either way ought to be available in any vaguely decent firewall.

the 1rst way allows to setup multiple gateway groups and have each interface failover the other one. you can also do reservations and dispatch based on the load. but truthfully, that's a pain to configure for a mild benefit.
Avatar of Vladimir Buzalka


Good Luck Vladimir