Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Rewrite an internal IP destination to an external IP destination

    Scheduled Pinned Locked Moved NAT
    2 Posts 2 Posters 921 Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • S
      Slampman
      last edited by

      I have a weird "lab" request.  I test hardware that is designed to be locally connected to a machine that has a client installed. It will only talk to the server (192.168.0.1:443) if the client ip is in that same subnet.

      Example:
      client ip =192.168.0.100
      server ip = 192.168.0.1
      This works no problem.

      The issue I have is I need the server to reside on another network accessible via public IP.  This is so I can test the software against the hardware that exists in a remote lab.  What i want to do is redirect all traffic destined for 192.168.0.1 (internal) to 1.2.3.4 (external).  The server will accept a connection from any ip address it is the client software that has a problem.

      Here is a rough diagram:

      Client 192.168.0.100
        |
        |
      Pfsense 192.168.0.254 LAN GW
        |        4.5.6.7 (public IP)
        |
        |
      remote FW (1.2.3.4)
        |
        |
      server 192.168.0.1 (port forwarding setup to forward 1.2.3.4:443 to 192.168.0.1)

      I want to have pfsense take traffic destined for 192.168.0.1:443 on the LAN interface and redirect to the external interface re-writing the destination to 1.2.3.4:443
      *caveat: the client software requires that the configured server address (192.168.0.1) be a member of the local subnet on the machine.  in other words the client local adapter cannot be 172.16.0.100 and the server be 192.168.0.1.

      1 Reply Last reply Reply Quote 0
      • V
        viragomann
        last edited by

        At first you have to add the fictive server address 192.168.0.1 to the pfSense LAN interface as an IP alias. Firewall > Virtual IP.

        Then add a port forwarding rule:
        interface: LAN
        Protocol: <set it="" to="" match="" your="" needs="">source: 192.168.0.100
        Destination: 192.168.0.1
        Destination port range: HTTPS
        Redirect target IP: 1.2.3.4
        Redirect target port: HTTPS

        That should work for you.</set>

        1 Reply Last reply Reply Quote 0
        • First post
          Last post
        Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.