How does pfSense rewrite NAT IPs (or port/forwarding/1to1 NAT problem)
My problem in a nutshell:
When I do a port redirect or 1to1 NAT and try to use it, the return (source) address does not get rewritten.
I would presume that when a packet comes from the WAN and gets passed on to the LAN, the source IP would be the pfSense LAN IP and not the original WAN IP.
-------> default gateway (dedicated line)
| pfLan pfWan ---- line1
--------> PFsense ------------ line2 pfOpt1
pfOpt2 ---- line3
So if I do a 1to1 NAT on line1 to our other firewall/VPN, the packet gets to the firewall, but the packet source is still the original real-world IP on the internet. It thus gets routed over the other default gateway and not the same route that the packet was received on, and it does not work.
Am I missing some setting that I need to enable to get this working?
GruensFroeschli last edited by
This is how NAT works.
What you want is source NAT.
This came up once and I suggested to enable Advanced Outbound NAT, and NAT from the WAN to the LAN.
However, I never got feedback on whether that worked.
(It was just an idea; I never actually tried that.)
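The difference between the two behaviours discussed in this thread, as an added model that is not part of either post and is not pfSense code: it traces one forwarded connection with destination NAT only and again with source NAT applied on the LAN side. All addresses and the names `Firewall`, `server_next_hop` and `trace` are constructed for illustration.

```python
import ipaddress

# Constructed addresses (documentation ranges); none come from the thread.
CLIENT = "198.51.100.7"      # host on the internet
PF_WAN = "203.0.113.10"      # pfSense address on line1
PF_LAN = "192.168.1.2"       # pfSense LAN address
SERVER = "192.168.1.50"      # the other firewall/VPN box behind pfSense
DEFAULT_GW = "192.168.1.1"   # that box's default gateway (dedicated line)
LAN_NET = ipaddress.ip_network("192.168.1.0/24")


class Firewall:
    """Minimal stateful NAT box: destination NAT inbound, optional source NAT."""

    def __init__(self, source_nat):
        self.source_nat = source_nat
        self.states = {}  # (src, dst) as seen on the LAN -> original (src, dst)

    def inbound(self, src, dst):
        """Translate a packet arriving on WAN and record state for the reply."""
        new_src = PF_LAN if self.source_nat else src
        self.states[(new_src, SERVER)] = (src, dst)
        return new_src, SERVER

    def reply(self, src, dst):
        """Undo the translation for a reply that arrives on the LAN interface."""
        orig = self.states.get((dst, src))
        return None if orig is None else (orig[1], orig[0])


def server_next_hop(dst):
    """On-link destinations are sent directly, all others to the default gateway."""
    return dst if ipaddress.ip_address(dst) in LAN_NET else DEFAULT_GW


def trace(source_nat):
    """Follow one request and its reply; 'delivered' is None if pfSense never sees the reply."""
    fw = Firewall(source_nat)
    src, dst = fw.inbound(CLIENT, PF_WAN)   # the request as the server sees it
    hop = server_next_hop(src)              # where the server sends its reply
    delivered = fw.reply(dst, src) if hop == PF_LAN else None
    return {"seen_source": src, "reply_via": hop, "delivered": delivered}


if __name__ == "__main__":
    print("DNAT only:        ", trace(False))
    print("DNAT + source NAT:", trace(True))
```

With source NAT in place, the internal box logs the pfSense LAN address as the peer for every forwarded connection, so the real client address has to be taken from the pfSense side.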