NAT Rule with an Exception
-
I want to forward all port 80 traffic to port 3128 on a web filter proxy that has a LAN IP address. The web filter only has a LAN connection to the network, so I need that web filter proxy to be excluded from this NAT rule. Does this make any sense? Please let me know if I need to explain better.
-
Just create a rule with the source IP of your proxy, make the subnet mask /32, and put the rule above the NAT rule. The first rule that matches wins.
-
Genius idea. You, sir, are a gentleman and a scholar.
-
Thanks :)
-
So just to clarify: I only need a firewall rule to allow my web filter proxy out to the internet? I don't have to NAT anything, correct?
-
I'm not sure about that; it seems to be what you need. I was just explaining how to make a rule to bypass your NAT rule.
If you only want the proxy to be NATed on port 80, then you can make that change in the outbound NAT section. By default pfSense will NAT the whole subnet.
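
The first-match ordering discussed in this thread, as an added example that is not part of any post above: a simplified model (not pfSense's own code) of a /32 bypass rule placed above a subnet-wide redirect, plus a check that flags a bypass placed too low to ever match. The addresses, rule names and helper functions are constructed for illustration.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional, Tuple


@dataclass(frozen=True)
class NatRule:
    name: str
    source: str                           # source CIDR the rule matches on
    dst_port: int                         # destination TCP port the rule matches on
    redirect: Optional[Tuple[str, int]]   # (ip, port) target, or None = do not redirect

    def matches(self, src_ip: str, dst_port: int) -> bool:
        return (dst_port == self.dst_port and
                ipaddress.ip_address(src_ip) in ipaddress.ip_network(self.source))


def evaluate(rules, src_ip, dst_port):
    """Return the first rule that matches (first match wins), or None."""
    for rule in rules:
        if rule.matches(src_ip, dst_port):
            return rule
    return None


def shadowed(rules):
    """Names of rules that can never match because an earlier rule covers them."""
    hits = []
    for i, later in enumerate(rules):
        later_net = ipaddress.ip_network(later.source)
        for earlier in rules[:i]:
            if (earlier.dst_port == later.dst_port and
                    later_net.subnet_of(ipaddress.ip_network(earlier.source))):
                hits.append(later.name)
                break
    return hits


# Constructed sample addresses: LAN 192.168.1.0/24, proxy at 192.168.1.10.
PROXY = "192.168.1.10"
bypass = NatRule("proxy-bypass", PROXY + "/32", 80, None)
redirect = NatRule("redirect-to-proxy", "192.168.1.0/24", 80, (PROXY, 3128))

GOOD = [bypass, redirect]   # bypass above the redirect: proxy traffic is left alone
BAD = [redirect, bypass]    # bypass below: the proxy's own requests loop back to itself

if __name__ == "__main__":
    for label, rules in (("good", GOOD), ("bad", BAD)):
        hit = evaluate(rules, PROXY, 80)
        print(label, "proxy ->", hit.name, "| shadowed:", shadowed(rules))
```
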