NAT part of subnet
is there a way to get the NAT function to only use part of a specified subnet?
I only want to use 3 addresses in my external range, but it seems to be using the whole range. I must be doing something wrong as I cannot see how to only specify these 3 addresses.
huh? So pfsense has a WAN IP that is in your range.. lets call it 18.104.22.168/29
So your gateway is 22.214.171.124 and pfsense is lets assume 126.96.36.199
This range is a public range right?? Not some rfc1918 address behind another nat..
Out of the box pfsense would not have a clue to the .3 - .6 you could use that is part of your /29
To .3 to .6 you would have to create VIPs on pfsense wan interface - did you do that? Then what did you do with your outbound natting.. Since out of the box pfsense would only use its 188.8.131.52 address that was on its wan interface to outbound nat in automatic mode, etc.
Everything you seek is here, in Host Alias under translation in Firewall > NAT, Outbound
![Screen Shot 2017-08-29 at 11.42.29 AM.png_thumb](/public/imported_attachments/1/Screen Shot 2017-08-29 at 11.42.29 AM.png_thumb)
![Screen Shot 2017-08-29 at 11.42.29 AM.png](/public/imported_attachments/1/Screen Shot 2017-08-29 at 11.42.29 AM.png)
but that is still a VIP he had to have added.
Yes. That is listed there in the text.
thanks for the responses so far.
just to clarify ~ it is a public IP range. I've been given some of our corporate addresses (non contiguous) for use on testing a new setup.
so for ease lets say 184.108.40.206, 220.127.116.11 & 18.104.22.168
22.214.171.124 is assigned to the pfsense WAN port ~ but can still be used in "the pool".
Ideally we would like to use the "random" NAT pool option instead of round robin. Looking at the setup above the host alias can only use round robin (if it has to be that way then fine - but my boss wants it random ???)
does that sound possible?
Round robin in that case.
Tell him that is fine. It will appear random. Stop overthinking and micro-managing.