EFW Support

This is what I'm trying to accomplish...  Not sure if this will even work...  I have two external subnets...  My goal is to port forward from these two different public subnets to the same private IP.  The private IP will have one gateway...  My data center only gave me a block of 6 useable IP's per subnet and since I'll be hosting websites with SSL's I need to assign dedicated IP's per website for SSL...  Below is the config.

red interface = subnet 1 and subnet 2 (not sure if I need two red interfaces)
green interface = 192.168.160.1
host that I'll port forward to = 192.168.160.7

The host 192.168.160.7 will have a gateway of 192.168.160.1.. This being the green interface..  So, how do I get the dual wan / subnets?  Will this be two different uplinks?

1. You must create additional uplink (go to Network > Interfaces > Create an uplink).
2. in Firewall > Port Forwarding in rule select both external IP's (with crtl-button).

PS If you want to use more than one IP from each wan subnet then you must put this IPs in filed "Add additional addresses"

thank you so much!  I will try this tomorrow morning.. Now, I assuming my servers will use 1 private gateway ex: 192.168.160.1 and then everything after that will be handled by the router.. I'll try it tomorrow.

I tried adding a new uplink and I get the below error.

The networks of this uplink are not distinct with 'main' networks.

What am I doing wrong?

Did your ISP give you 2 separate IP Blocks? Usually your provider will give you a range of 5 IP Addresses in an 8 number subnet. .../29 is usually what it is. The Subnet, the Gateway, the 5 IP block and the broadcast. In the Endian Firewall, you can assign those 5 IP Addresses to that Red Up-Link. Furthermore, you can assign in the firewall, a specific green zone, subnet, or ip/mac address to use that IP.

When you say that you have a different External Subnet, is that provided by your ISP? Is it a separate ISP Device? Router, Gateway, or Modem?

It is not a separate device.  My server is in a datacenter and the switch port the interface is plugged into has both IP ranges/subnets available to this port.  They provided me two different gateways and two different ranges.  Each range has a subnet of 255.255.255.240.  My goal is to assign each range to my outside interface (red zone) so I can perform NAT translation to inside hosts.  This will allow me to have 10 useable IP's (5 from each range) versus the only 5 I have now.

For each subnet, you need a RED (uplink) connection. This requires 2 ports. With EFW you can only have 1 subnet per uplink. However, if you are running EFW in a VM, you can be using the same port. Not sure how you specifically have your data center setup.

For example: Install EFW into a VM. Add 2 V-NICs. Assign each V-NIC to a specific red uplink. And there you go, 2 uplinks on 1 port.

I found a way easier way..  Simply add the IP addresses to my existing uplink.  It will automatically find the gateway based on the subnet info.  I have 2 subnets running with different gateways and it works perfect.

Could you show me the way use Multi Wan.