Problem trying to disable NAT
-
Hi everyone,
My current topology is as follows:
LAN---pfSense---ADSL modem/router---Internet
LAN subnet: 10.0.0.0/16
LAN interface IP on pfSense: 10.0.0.3
WAN interface IP on pfSense: 10.1.0.1 (gateway=10.1.0.2)
LAN interface IP of ADSL modem/router: 10.1.0.2
WAN interface IP of ADSL modem/router: obtained via DHCP from ISP
I do not want to use NAT on the pfSense box because the ADSL modem/router is already doing NAT.
I did the following after searching the forum:
From menu, Firewall -> NAT, then on the Outbound tab, I checked "Manual Outbound NAT rule generation (Advanced Outbound NAT (AON))" and then clicked on "Save". Then, I deleted the autocreated rule in the mapping table below:
WAN 10.0.0.0/16 * * * * * NO Auto created rule for LAN
Then I clicked on "Apply changes".
I also unchecked the "Block private networks" option in the WAN interface configuration.
The problem is I can not access the Internet after doing all that.
I CAN ping the WAN interface (IP 10.1.0.1) of the pfSense box, but NOT the LAN interface (IP: 10.1.0.2) of the ADSL modem/router from a PC (with gateway 10.0.0.3) in the LAN.
From the pfSense box, I am able to ping it.
What am I missing here?
Thanks for any help.
-
I don't really understand why you want to go that way…..
my choices would be
1. Bridge the modem/router. If you can't do that, then disable DHCP and DMZ an IP to the pfSense so it can do the DHCP/NATting.
-
I am willing to give a try to your suggestions, but first, can you please tell me why I can't ping the LAN interface of the ADSL modem/router and am unable to access the Internet?
I did not really grasp your first choice. Do you mean to configure pfSense as a bridge by bridging the LAN and WAN interfaces?
Now, regarding your second choice, does captive portal and passive mode FTP work with a transparent firewall?
Are there any other features that do NOT work with pfSense as a transparent firewall?
PS: Is it possible to get rid of the ADSL modem/router and connect the ADSL line directly to pfSense?
Thanks for your reply
-
By the way, the ADSL modem/router in my topology (see first post) is actually ONE device.
The version of pfSense I'm using is 1.2-RELEASE built on Sun Feb 24 17:04:58 EST 2008.
-
If you have a PPPoE connection you might be able to bridge your modem/router.
By the way, the ADSL modem/router in my topology (see first post) is actually ONE device.
Same here (WAG200). I've disabled DHCP and added an IP in DMZ, which is the one I connect pfSense with.
-
Yes, that is another option, but do you have any idea why choosing Advanced Outbound NAT is not working?
Do I need to restart the pfSense box?
The ADSL modem/router actually uses PPPoA, not PPPoE.
-
Did you add a static route on the ADSL-Modem pointing to 10.1.0.1 for the 10.0.0.0/16 subnet?
Because if you don't add a static route, your modem has no clue that this subnet even exists and thus will always send the data to its default gateway. -> To your ISP, which will just drop these packets.
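
The routing behaviour described in the last reply, worked through as an added example that is not part of the thread: it models the modem's routing table with longest-prefix matching and shows where the modem sends its reply with and without outbound NAT on pfSense. The /24 mask on the modem's LAN side, the client address 10.0.0.50 and the "on-link"/"ISP" labels are assumptions made for illustration.

```python
import ipaddress

def table(entries):
    """Build a routing table: list of (network, next_hop) pairs."""
    return [(ipaddress.ip_network(net), hop) for net, hop in entries]

def next_hop(routes, dst):
    """Longest-prefix match, as an IP router does; None if no route covers dst."""
    dst = ipaddress.ip_address(dst)
    matches = [(net, hop) for net, hop in routes if dst in net]
    return max(matches, key=lambda m: m[0].prefixlen)[1] if matches else None

PFSENSE_WAN = "10.1.0.1"   # from the thread
LAN_NET = "10.0.0.0/16"    # from the thread
LAN_PC = "10.0.0.50"       # constructed client address inside the LAN subnet

# Modem/router table before any change. The /24 mask is an assumption.
MODEM_ROUTES = table([
    ("10.1.0.0/24", "on-link"),
    ("0.0.0.0/0", "ISP"),
])
# Same table plus the static route suggested in the last reply.
MODEM_ROUTES_FIXED = MODEM_ROUTES + table([(LAN_NET, PFSENSE_WAN)])

def source_seen_by_modem(client, nat_on_pfsense):
    """Outbound NAT rewrites the source to pfSense's WAN address;
    without it the packet keeps its LAN source address."""
    return PFSENSE_WAN if nat_on_pfsense else client

def reply_next_hop(modem_routes, client, nat_on_pfsense):
    """Where the modem sends its reply to a packet that came from `client`."""
    return next_hop(modem_routes, source_seen_by_modem(client, nat_on_pfsense))

if __name__ == "__main__":
    cases = [
        ("NAT on, no static route", MODEM_ROUTES, True),
        ("NAT off, no static route", MODEM_ROUTES, False),
        ("NAT off, static route added", MODEM_ROUTES_FIXED, False),
    ]
    for label, routes, nat in cases:
        hop = reply_next_hop(routes, LAN_PC, nat)
        print(f"{label:30} reply to LAN PC goes via {hop}")
```

The second case is the symptom from the first post: the reply to the LAN PC follows the default route to the ISP, while a ping sourced from pfSense itself (10.1.0.1) is answered on-link.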