• I want to add another pfsense behind my current pfsense firewall that will do some basic filtering. Anyway, can i put this firewall in and turn on advance Nat then disable all Nat policies and have the main firewall handle this?
    Here is what i was thinking… Will this work?

    --wan--PFsense(  ---- ( 2 ---then a lan network
                          ( ----VLAN

    Ideally have the pfsense box on the 10 do all the natting for the 192.168.7.x/24 network without natting it as I would like to stay away from double natting as much as possible.

    I looked around the forums but want sure how to word this correctly.



  • Yes, that's possible. Just make sure you put a static route in on the border pfsense that points to the internal pfsense for the internal network. If you wanted, you could just do a transparent firewall if you don't want any routing at all.

  • could i use ospf for this? is there any support on pfsense for ospf?


  • OSPF isn't supported at this time. You only need one static route in this scenario, any routing protocol is overkill.

  • ok. Thanks for the help