Bypassing the firewall/NAT specific servers on the network

ezzadin

Hello,

I have done some research on this and I think that what I want to do is possible but I would like some advise please

I'm currently using pfsense 1.2.1. 1:1 NATing and Virtual IPs. /24 from my ISP

There are three VoIP servers that I don't want them to be behind a NAT and I want, for those servers, to bypass the firewall completely. So I want pfsense to act as router only, again only for VoIP servers.

what would be the best way to do this? do I just put the servers on DMZ? assuming that I have enough Network ports on Pfsense, can I just assign a Public IP address to the Server and then create a rule for that IP to leave via my WAN.

Thanks

jimp

If you want them to be in the same subnet as your WAN, they would have to be on a new interface off your router (Like the DMZ you mention) that is bridged to WAN.

That way you can apply filter rules, and they can use the IPs directly.

ezzadin

Thank you…