Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    HOW TO NAT 1:1, BUT SERVER DO NOT POINT TO PFSENSE'S GATEWAY?

    NAT
    2
    3
    1.5k
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • A
      asteriskese
      last edited by

      I have a server, was public to the internet over Checkpoint Firewall.  (Server point gateway to Checkpoint Lan Interface)

      I setup a new Pfsense firewall now, and I want to public that server over pfsense, but can not change default gateway (currently point to Checkpoint Firewall)

      DESC:
      CheckPoint Firewall:
      IP WAN: 192.168.1.2
      SM: 255.255.255.0
      GW: 192.168.1.1

      IP LAN: 10.10.10.1
      SM: 255.255.255.0

      Server Info:
      IP: 10.10.10.2
      SM: 255.255.255.0
      Gateway: 10.10.10.1 (CheckPoint LAN interface)

      Pfsense Info:
      IP WAN: 192.168.2.2
      SM: 255.255.255.0
      GW: 192.168.2.1

      IP LAN: 10.10.10.11
      SM: 255.255.255.0

      (Sorry for my English)

      FreeBSD, PFSENSE

      1 Reply Last reply Reply Quote 0
      • C
        cmb
        last edited by

        You'll have to source NAT it in that case so the server sees it coming from the LAN IP, not the original IP. Firewall>NAT, Outbound. Hybrid mode, add a rule to NAT traffic on interface LAN, source any, destination IP of the server.

        1 Reply Last reply Reply Quote 0
        • A
          asteriskese
          last edited by

          Thank admin,

          This is my config, IT's WORK !

          Steps:
          #1/ FIREWALL->NAT 1:1

          #2/ FIREWALL->NAT OUTBOUND:

          #3/ FIREWALL->RULES->WAN:

          FreeBSD, PFSENSE

          1 Reply Last reply Reply Quote 0
          • First post
            Last post
          Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.