NAT part of subnet
-
Hi,
is there a way to get the NAT function to only use part of a specified subnet?
I only want to use 3 addresses in my external range, but it seems to be using the whole range. I must be doing something wrong as I cannot see how to only specify these 3 addresses.thanks
-
huh? So pfsense has a WAN IP that is in your range.. lets call it 1.2.3.0/29
So your gateway is 1.2.3.1 and pfsense is lets assume 1.2.3.2
This range is a public range right?? Not some rfc1918 address behind another nat..
Out of the box pfsense would not have a clue to the .3 - .6 you could use that is part of your /29
To .3 to .6 you would have to create VIPs on pfsense wan interface - did you do that? Then what did you do with your outbound natting.. Since out of the box pfsense would only use its 1.2.3.2 address that was on its wan interface to outbound nat in automatic mode, etc.
-
Everything you seek is here, in Host Alias under translation in Firewall > NAT, Outbound
 -
but that is still a VIP he had to have added.
-
Yes. That is listed there in the text.
-
thanks for the responses so far.
just to clarify ~ it is a public IP range. I've been given some of our corporate addresses (non contiguous) for use on testing a new setup.
so for ease lets say 1.1.1.1, 1.1.1.3 & 1.1.1.51.1.1.1 is assigned to the pfsense WAN port ~ but can still be used in "the pool".
Ideally we would like to use the "random" NAT pool option instead of round robin. Looking at the setup above the host alias can only use round robin (if it has to be that way then fine - but my boss wants it random ???)does that sound possible?
thanks
-
Round robin in that case.
Tell him that is fine. It will appear random. Stop overthinking and micro-managing.
