We have a block of static addresses from our ISP. In the PFsense currently I
have setup VIP and 1:1 NAT to several servers. The network only has 1 lan
subnet 192.168.2.x currently with the servers and a few office computers on
their. The client machines that connect are connected to a comcast network
and totally separate. We're gonna need to setup a few more servers and with
such I want to put them on their own network. It has slowly evolved and
hence the original 1 server being on the same network as the office
computers and a server here and there being added. Best practices I know is
to put the servers on their own network so I am backstepping here due to a
recent fast growth of servers. Is it possible and if so how to have a 2nd
router dropped into the network that you can set the WAN address as 1 of the
routable WAN ip's we get with the PFsense box as its gateway instead of
assigning the 2nd router a 192.168.2.x address then doing a 1:1 NAT to it.
Or should it just be dropped in assign a 192.168.2.x address, do a 1:1 NAT,
allow all in the rules in the pfsense box and then set your rules that you
need on the 2nd router.
