Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Having some trouble understanding 1:1 NAT.

    Scheduled Pinned Locked Moved NAT
    4 Posts 3 Posters 2.2k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • E
      eric
      last edited by

      Hey everyone
      I understand what 1:1 nat is and why you would use it, but I'm having some trouble understanding how to make it work properly.
      I have 7 available DHCP assigned IP addresses, 2 of which are statically assigned.  1 of those goes to my pfsense box for all my networks, and the other goes directly to my mail server.  What I would like to do is move my mail server to my internal LAN, and and use 1:1 for access to it, so this would gives me access internally for other things.

      So my real problem i guess is, if i go to the VIP page, I can fill in the info I have (which I don't know which is correct, proxy arp, carp, or other) and then do the 1:1 setup, but nothing goes through.  I'm wondering will my DHCP assigned (based on MAC) address actually work like this?  or will this only work with true static addresses?

      Thanks
      -Eric

      1 Reply Last reply Reply Quote 0
      • GruensFroeschliG
        GruensFroeschli
        last edited by

        VIP's only work with static IPs, NOT with DHCP-assigned IPs.

        Since you say your mailserver has currently a static IP and you want to move it into the LAN:
        Just create a VIP for this static IP, move the server to the LAN and 1:1 forward the traffic from the VIP to the server.

        Maybe you have to contact your ISP to ask if he only allows traffic of IP's that actually pulled an IP from their DHCP.
        Or just ask him to give you "real" static IP's :)

        We do what we must, because we can.

        Asking questions the smart way: http://www.catb.org/esr/faqs/smart-questions.html

        1 Reply Last reply Reply Quote 0
        • E
          eric
          last edited by

          damn
          My mail server is DHCP assigned but with a static mapping to my MAC. When I first signed up with my ISP I was givin 5 addresses and I added 2 static, the problem is on their network those are on different vlans and I only had the 2 static ones.  I needed the other ones to so they switched vlans and did a static mapping.
          I don't think I can get real static addresses and keep my 5 other ones

          1 Reply Last reply Reply Quote 0
          • M
            MageMinds
            last edited by

            If they did a static mapping, then you should be able to manually configure your nic with those parameters, it doesn't matter if you get the ip address from the DHCP or if you configure it manually, as long as you make sure that you doesn't setup an IP address that might be used elsewhere, if they did a static dhcp assignation that means that only you can get that ip address, you should be good to go in manual configuration. Unless your ISP have some sort of weird setup that would prevent you to make this, but I doubt it.

            MageMinds

            1 Reply Last reply Reply Quote 0
            • First post
              Last post
            Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.