outbound policy problems

Hello friends, need help.
I have two additional IP addresses for the primary address I purchase from my ISP, and with them I route inbound traffic without any problem.
My problem, that I also want to go out with the same address I go in, is that possible?
From what I see it is possible to exit what WAN but without choosing a particular address, I miss something?


I’ve run into this issue too.

I believe one solution is to use NAT Mappings instead of Outbound policy.

If you look at the NAT Mapping UI you will see that it does let you pick specific IP addresses for both inbound and outbound connections:

1 Like

Go to network → Outbound Mappings → add.
Secify the local ip to map to under Address.
Specify the ISP outbound ip under Outbound Mappings.
Save and apply.
You might also need to check/change your outbound policies to match the wan you want it to go out on.

@Jonathan_Pitts what device / firmware are you using?

On my Balance One (currently running 8.1.1) I have nothing called Network / Outbound Mappings. I do have Network / Outbound Policy, but as the OP shows in his screenshot, it does not let you choose specific IP addresses on an interface that has additional IPs.

[Updated: I inadvertently repeated in substance what @soylentgreen has noted earlier.]
The B1 interface is not quite as rich as the ones for the higher-end models. For B1 (at least 8.2.1, and I believe it reaches back to your FW version) you go to the Network > Inbound Access > NAT Mappings pane [as noted by @soylentgreen]. There you’ll find the Outbound IP address pane with the functionality I think you are looking for.

I don’t have a B1 handy where there are multiple IP addressed served by a particular WAN, but here’s a screenshot of the same pane from a Balance 380.

You see that WAN 2 serves four IP addresses, and the outbound mapping determines that traffic routed to WAN 2 will be delivered to the internet with the source IP address given as 17…5

Does that do the trick for you?

Cheers,

Z

Can you PM to setup a shared meeting , or add me ([email protected]) to your router group add I can take a look.