Disabling masquerade NAT
-
Hi,
On pfSense is possible not use masquerade, as like iptables rules?
For example:
I have 2 networks and 2 nics, that are:
1 net - 192.168.1.x
2 net - 10.11.0.xUsers on network 10.11 talking normally w/ 192 subnet, but pfSense translating and masquerade a unique ip address, soon each packet going from a unique ip to the outside net.
Is there possible each traffic going to using real ip (10.11 to 196.x and not 10.11.1.1 to any 192)?
Thanks.
-
I assume you want to disable the standard NAT behaviour from LAN to WAN.
To do this go to firewall โ> NAT --> outbound.
Enable manual advanced outbound NAT.
Now traffic will be NATed defined by how the rules below it are.
If you delete all rule, noting will be NATed. -
Just a question befor to do this.
All Port Forward will be continue works, right?
Thanks for the information.
-
Yes, you can still do port forwards with outbound NAT disabled.
-
Thanks one more time.
I'll try to test this tomorrow on Saturday.
Ahh.. Almost forget, congratulations for pfsense Book Jimp, I'm still reading it.
Regards,
Heitor Lessa
Blog -> http://tinodiaadia.wordpress.com -
To do this go to firewall โ> NAT --> outbound.
Enable manual advanced outbound NAT.
Now traffic will be NATed defined by how the rules below it are.
If you delete all rule, noting will be NATed.Thanks very much !
Now my problem w/ slow traffic within SMB protocol are solved.
I hope that is help another person w/ the same issue.
Thanks one more time.
Att.
Heitor Lessa
Blog -> http://tinodiaadia.wordpress.com -
Just a question or a issue.. I don't know.
Nat out works well, but I tried to test w/ ftp protocol and it continue making masquerade (nat w/ WAN ip). Soon I try to make a first rule matching this and check NO NAT, but not works too.
Is there any possibility to solve this issue? Is there any association w/ ftp helper?
Thanks one more time.
-
Is there any possibility to solve this issue? Is there any association w/ ftp helper?
Solved!!!
I disable ftp helpder on LAN and WAN on both pfsense box that we have.