One Server 2 ISP routing

[acoustician]

Is it possible, if yes tell me please tell me how can i do this?

 

[danpoleary]

I have this set up at home. My router has multiple wan interfaces. I set up the router with a DMZ, Home, and two WANs to my ISPs. For HOME, I route all requests to ISP1. For DMZ, I route all requests to ISP2. For inbound traffic, I NAT all requests from ISP1 to HOME subnet/server (if you need inbound access) and from ISP2 to the DMZ subnet/server (in your case to the IP of the Webserver)

 

[acoustician]

I think i did a mistake when was making scheme. I meant to make config only via sever. This one is better:

 

[danpoleary]

My above answer will still work. Connect both ISPs to the router. One of the best ways is to use DDWRT if your router hardware supports it. Peruse the DDWRT site for details. In your diagram above, you do not want the webserver on the same subnet/switch as the rest of your home. Home users can reach the webserver through the router.

 

[acoustician]

My above answer will still work. Connect both ISPs to the router. One of the best ways is to use DDWRT if your router hardware supports it. Peruse the DDWRT site for details. In your diagram above, you do not want the webserver on the same subnet/switch as the rest of your home. Home users can reach the webserver through the router.

I've got ASUS RT-N56U which doesnt seem to support DualWan on any firmware :(. That's why im trying to imaging this scheme w\o buying any new device.

 

[danpoleary]

Well, you could connect ISP2 directly to igb1, and have the webserver(or other services you want on ISP2) listen on both igb0 and igb1. This way you only need igb0 connected to the home router. It would be dangerous if no firewall exists on isp2's modem though. Also make sure that you set up both ISP's on different internal subnets, and that NO routing or bridging of interfaces exist on your server between the two interfaces.

 

[depasseg]

What is the unnamed interface on the right side of your FreeNAS? Are you really planned to route within FreeNAS? I don't think so.

A simpler and more secure approach, since your Asus can do dual wan, would be a second router/firewall with forwarding to port 80 of the webserver jail. if you can't do that, then make sure igb1 has nothing except port 80,443 from the jail exposed to the internet.

 

[acoustician]

What is the unnamed interface on the right side of your FreeNAS?

services and jails FreeNAS providing

A simpler and more secure approach, since your Asus can do dual wan, would be a second router/firewall with forwarding to port 80 of the webserver jail. if you can't do that, then make sure igb1 has nothing except port 80,443 from the jail exposed to the internet.

i think ill could do block everything on CentOS via iptables, but didnt read about freebsd firewall, nvm,
i guess ill got second ISP when FreeNAS 10 will be released, so i will try to build this configuration with FreeNAS 10 + CentOS

 

[Amu W Ramappa]

Just get a cheap Mikrotik/RouterBoard router and u could do this easily. It maybe a bit of a learning curve if u haven't played with Mikrotik before. Other option is to get pfSense going on inside a jail. Just be careful to not to expose ur FreeNAS box as @depasseg mentioned earlier.

Sent from my Nexus 6P using Tapatalk

 

[tvsjr]

Please don't use FreeNAS for this... FreeNAS is a NAS, not a router/firewall. Use something like pfSense, Untangle, Sophos UTM, Cisco ASA, or a myriad of others for this purpose.