Nat policy through username
-
Hi!
I need something like NAT policy by username.
So, we have several WAN connections and I wish to NAT user through specific interface (wan connections) depending on username.
Can this be achieved by pfsense?
Thanks in advance. -
Policy routing can be based upon source IP, dest IP, dest port, etc.
Why can you not just assign the user a specific IP and then policy route it that way? Are different users coming from same IP, like a kiosk machine or something
-
Hi!
Yes, users are using one IP on terminal server. I also tried to use virtual IP but there is no way to make static mapping user - IP.
So, the only way of identification is username…
Maybe someone faced with such task and there is another product to solve it?
thanks. -
No you can't do that on traffic that doesn't originate on pfSense itself. The username or any other identification information doesn't make it outside the sending host in such a way it could be used in packet filtering or NAT on pfSense.
-
You would normally do such a thing with a proxy that users auth too.