Nat with public IP on LAN

Subzer0 · Apr 10, 2008, 1:47 PM

Hello everybody,

I'm setting up a PfSense for my company and I have a few questions about how to configure NAT ???.

We have 3 sections : LAN - DMZ and WAN
We have a class of public IPs divided for our 3 zones, for example :
LAN = 69.54.15.0 /25
DMZ = 69.54.15.224 /27
WAN = 69.54.15.192 /27

So today if I go on internet with my laptop in the LAN i'll have the IP : 69.54.15.1 (for example)
As I'm configuring a pfsense, I'm worring about how to setup the configuration of NAT… in order
to keep my public IPs... ?

If someone can help me or give me some clues it will be welcome.
Thank you very much :),

dotdash · Apr 10, 2008, 3:06 PM

If you are running publics everywhere, you don't need NAT. You could just run the firewall as a filtering bridge.
I don't know exactly why you'd need a separate WAN if the machines on the LAN were public- could you explain what your current setup is? IMO, using publics on the LAN is a poor use of address space and creates administration headaches, so I would consider using private IPs and NATing the LAN. But that's just my 2 cents.

GruensFroeschli · Apr 10, 2008, 5:14 PM

Or if you really want to use the public addresses but dont want to bridge, you could just disable NAT and run pfSense as a firewalling router.

luma · Apr 23, 2008, 2:59 PM

Hi guys,

I'm a happy user of pfsense. Keep the good work!

To clarify myself, could you confim this attached network could work with just enabling manual outbound nat mapping?

If I had a DMZ interface, I can enable it for it?

Thanks and regards

hoba · Apr 23, 2008, 9:45 PM

As long as your ISP is routing that subnet behind your pfsense to your pfsense wan ip it will work.

luma · Apr 24, 2008, 9:19 AM

Thanks Hoba!

That's good news!