Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    How does PFsense rewrite nat IP's (or port/forwarding/1to1 nat problem)

    Scheduled Pinned Locked Moved NAT
    2 Posts 2 Posters 3.5k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • M
      midrian
      last edited by

      Hihi

      my problem in a nutshell

      when I do a port redirect or 1to1 NAT and try and use it the return (source) address does not get rewritten.

      I would presume that when a packet comes from the WAN and gets passed on to LAN the source IP would be the PFsense LAN Ip and not the original WAN IP.

      –-----> default gateway (dedicated line)
                                  |
      LAN firewall/vpn-----|
                                  |        pfLan          pfWan ---- line1
                                  --------> PFsense ------------ line2        pfOpt1
                                                              pfOpt2 ---- line3

      so if i do a 1to1 nat on line1 to our other firewall/vpn the packet gets to the firewall, but the packet source is still the original real world ip on the internet and thus gets routed over the other default gateway and not the same route that the packet was received on and does not work

      Am i missing some setting that I need to enable to get this working?

      1 Reply Last reply Reply Quote 0
      • GruensFroeschliG
        GruensFroeschli
        last edited by

        This is how NAT works.
        What you want is source NAT.

        This came up once and i suggested to enable Advanced outbound NAT, and NAT from the WAN to the LAN.
        However, i never got feedback if that worked
        (It was just an idea, i never actually tried that)

        We do what we must, because we can.

        Asking questions the smart way: http://www.catb.org/esr/faqs/smart-questions.html

        1 Reply Last reply Reply Quote 0
        • First post
          Last post
        Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.