Nat policy through username
I need something like NAT policy by username.
So, we have several WAN connections and I wish to NAT user through specific interface (wan connections) depending on username.
Can this be achieved by pfsense?
Thanks in advance.
Policy routing can be based upon source IP, dest IP, dest port, etc.
Why can you not just assign the user a specific IP and then policy route it that way? Are different users coming from same IP, like a kiosk machine or something
Yes, users are using one IP on terminal server. I also tried to use virtual IP but there is no way to make static mapping user - IP.
So, the only way of identification is username…
Maybe someone faced with such task and there is another product to solve it?
No you can't do that on traffic that doesn't originate on pfSense itself. The username or any other identification information doesn't make it outside the sending host in such a way it could be used in packet filtering or NAT on pfSense.
You would normally do such a thing with a proxy that users auth too.