Redirecting Traffic from an Internal IP through PFSense to another subnet



  • So I have an issue with moving printers to a new subnet.

    For normal print jobs I can send to the new subnet fine without any problems. It's just this service (3rd party) that is expensive to make changes to. So my question is I have a service that uses the ip of the printer to dump pcl print jobs too and I was wondering if there is a way to have pfsense take traffic from the original ip and redirect it to the new ip on the new subnet.

    Printer: 10.20.5.1 255.255.0.0
    Printers new address on different subnet: 192.168.5.1 255.255.255.0

    Any help/suggestions would be appreciated.


  • Netgate

    Sounds like you just need a port forward on an inside (LAN) interface.

    It would be just like you do on WAN to port forward to something on the inside, but on an inside interface instead.

    On the 10.20.0.0/16 interface, create an IP Alias VIP for 10.20.5.1.

    Then create a port forward (or maybe a 1:1 NAT would be better, depending on the ports/protocols in play) from 10.20.5.1 to 192.168.5.1.


  • Rebel Alliance Global Moderator

    Why would something on 10.20/16 even talk to pfsense to get to 10.20.5.1 ?  That is the same network..  So how would a port forward work?


  • Netgate

    You put a VIP on the interface so it responds to ARP as 10.20.5.1.


  • Rebel Alliance Global Moderator

    Ah - Great point.. Did not think of that!!  That is great idea!

    Just need to make sure the printer can talk back to the 10.20/16 network - or you would also need to source nat it to be on the printer segment.

    I hope part of this project is to also use a more realistic network size - /16 is freaking HUGE!!