• Hi all,

    I have this setup in a Community Wireless LAN.

    Currently the network has 3 pfSense boxes (pfSense, Router A and Router B), this setup works quite well, all users in the internal networks can access to the Internet trough pfSense and to the game/ftp servers that run on the segment. The problem is that this setup is running trough NAT, from Router A and on. I have a static route on "pfSense": Lan –-> Dest: --->
    What I would like to do is disabling NAT completely in the internal subnets and run a full routing network.
    From what I have investigated perhaps this would imply using Advanced Outbound NAT, but I'm not familirized with it, and couldn't find many examples on the web.

    Does anyone has a similar setup that can point me the right direction?

  • You are right. enable advanced outbound nat. After enabling this you'll see a bunch of rules that were created for you below to simulate the behavior without enabled advanced outbound. If you delete all these rules and apply you have shut down natting completely and are running in routing only mode.

  • I believe I need to do that both on router A and router B, right?

    Also, after doing that, do I need more static routes on pfSense?

    I'm doing all this questions just to be sure what I'm going to do, since router B is on a top of hill and I'm going there on the weekend only.


  • You need the following routes:

    at Router A:
    Interface LAN; subnet; Gateway
    Interface LAN; subnet; Gateway

    Router pfSense:
    Interface LAN; subnet; Gateway
    Interface LAN; subnet; Gateway

    Router B doesn't need any routes as the default GW of this one is Router A

    btw, why is there a GW at your OPT1 at Router B? You only need this if this is an additional WAN and besides that the gateway isn't in the range of the OPT1-subnet. This doesn't make sense. Delete the gateway there  ;D