Netgate Discussion Forum

IP rewritten passing from WAN to DMZ interface?

    JBNixx
    last edited by Feb 13, 2017, 10:56 AM

    Hi, not sure if this belongs here, but here goes :).

    My pfsense has 3 networks attached to it:
    LAN - 10.0.0.1
    DMZ - 10.1.1.0
    WAN - 192.168.1.2

    In front of PFSense is the ISP router. I've put PFSense in the DMZ NAT settings of the ISP router.

    I have a webserver running in the 10.1.1.0 network behind PFSense. If I access the webserver from outside my own network (using 4G or Hide My Ass Proxy), I'm noticing that I'm getting my own public IP in my NGINX logs.

    So I took a packet capture in PFSense on both the WAN and the DMZ interface.

    On the WAN packet capture I'm seeing the real internet routable client IP as the source.
    On the DMZ interface I'm seeing the same packets, but with my own public IP as the source (not the PFSense IP, but my own public internet routable IP address).

    So it seems that when packets leave the WAN interface destined for the DMZ interface, the source gets rewritten to be my public IP?

    Any ideas? I'd like to get the real client IP right through to my Webserver.

      JBNixx
      last edited by Feb 13, 2017, 12:31 PM

      Ah, I figured it out. It's the stupid ISP modem.

      Packets coming in from a port forwarding rule are stamped with the WAN IP of the modem as the client.

      Packets returning from a request initiated from within the network are as they should be. The real client IP is visible as the source.

      So it's the way the ISP router performs port forwarding (Inteno FG500, if anyone is interested).
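An added example, not part of the original posts: when an upstream device rewrites the source of forwarded traffic, IP-based rate limiting and blocking on the web server stop working, and the symptom in the NGINX access log is one source address carrying nearly all requests with many unrelated User-Agents. The sketch below checks for that pattern; the function name, thresholds, log lines and the `203.0.113.10` / `198.51.100.x` addresses are constructed for illustration, and the default "combined" log format is assumed.

```python
import re
from collections import Counter, defaultdict

# nginx "combined": addr - user [time] "request" status bytes "referer" "user-agent"
LINE_RE = re.compile(
    r'^(?P<src>\S+) \S+ \S+ \[[^\]]+\] "[^"]*" \d{3} \S+ "[^"]*" "(?P<ua>[^"]*)"$'
)

def source_collapse(lines, min_share=0.9, min_agents=3):
    """Return (ip, share, distinct_agents) when one source address dominates
    the log while carrying many different User-Agents, else None."""
    hits = Counter()
    agents = defaultdict(set)
    for line in lines:
        m = LINE_RE.match(line.strip())
        if not m:
            continue  # ignore lines that are not in combined format
        hits[m["src"]] += 1
        agents[m["src"]].add(m["ua"])
    total = sum(hits.values())
    if total == 0:
        return None
    ip, count = hits.most_common(1)[0]
    share = count / total
    if share >= min_share and len(agents[ip]) >= min_agents:
        return ip, share, len(agents[ip])
    return None

def _line(src, ua):
    # Helper that builds one constructed combined-format log line.
    return (f'{src} - - [13/Feb/2017:10:00:00 +0000] '
            f'"GET / HTTP/1.1" 200 612 "-" "{ua}"')

# Constructed samples: every request appears to come from the site's own
# public address (assumed 203.0.113.10) versus a log with real client IPs.
AGENTS = ["Mozilla/5.0 (Android)", "Mozilla/5.0 (iPhone)",
          "curl/7.52.1", "Mozilla/5.0 (Windows NT 10.0)"]
NATTED_LOG = [_line("203.0.113.10", ua) for ua in AGENTS]
HEALTHY_LOG = [_line(f"198.51.100.{i + 1}", ua) for i, ua in enumerate(AGENTS)]

if __name__ == "__main__":
    print("rewritten sources:", source_collapse(NATTED_LOG))
    print("real client IPs:  ", source_collapse(HEALTHY_LOG))
```

A hit only says the rewrite happens somewhere upstream of the web server; comparing captures hop by hop, as done in the thread, is what locates the device responsible.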
