Rewrite an internal IP destination to an external IP destination
-
I have a weird "lab" request. I test hardware that is designed to be locally connected to a machine that has a client installed. It will only talk to the server (192.168.0.1:443) if the client IP is in that same subnet.
Example:
client ip = 192.168.0.100
server ip = 192.168.0.1
This works no problem.
The issue I have is I need the server to reside on another network accessible via public IP. This is so I can test the software against the hardware that exists in a remote lab. What I want to do is redirect all traffic destined for 192.168.0.1 (internal) to 1.2.3.4 (external). The server will accept a connection from any IP address; it is the client software that has a problem.
Here is a rough diagram:
Client 192.168.0.100
|
|
Pfsense 192.168.0.254 LAN GW
| 4.5.6.7 (public IP)
|
|
remote FW (1.2.3.4)
|
|
server 192.168.0.1 (port forwarding setup to forward 1.2.3.4:443 to 192.168.0.1)
I want to have pfSense take traffic destined for 192.168.0.1:443 on the LAN interface and redirect it to the external interface, rewriting the destination to 1.2.3.4:443.
*caveat: the client software requires that the configured server address (192.168.0.1) be a member of the local subnet on the machine. In other words, the client local adapter cannot be 172.16.0.100 and the server be 192.168.0.1.
-
First you have to add the fictitious server address 192.168.0.1 to the pfSense LAN interface as an IP alias (Firewall > Virtual IP).
Then add a port forwarding rule:
Interface: LAN
Protocol: <set it to match your needs>
Source: 192.168.0.100
Destination: 192.168.0.1
Destination port range: HTTPS
Redirect target IP: 1.2.3.4
Redirect target port: HTTPS
That should work for you.
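
The address rewriting that the setup in this thread produces, traced hop by hop as an added example (not code from either poster, and not pfSense's own logic). It assumes pfSense also applies outbound NAT on WAN to its public IP 4.5.6.7 from the diagram, keeps the source port unchanged for simplicity, and uses a constructed client port of 50000.

```python
from dataclasses import dataclass, replace

@dataclass(frozen=True)
class Packet:
    src: str
    sport: int
    dst: str
    dport: int

class Nat:
    """Stateful translator: rewrite on the way out, reverse it on the reply."""
    def __init__(self):
        self.states = {}

    def out(self, pkt, src=None, dst=None):
        new = replace(pkt, src=src or pkt.src, dst=dst or pkt.dst)
        # Key the state on the reply tuple as this device will receive it.
        self.states[(new.dst, new.dport, new.src, new.sport)] = pkt
        return new

    def back(self, pkt):
        orig = self.states[(pkt.src, pkt.sport, pkt.dst, pkt.dport)]
        return Packet(orig.dst, orig.dport, orig.src, orig.sport)

def pfsense_lan_in(nat, pkt):
    """Port forward on LAN from the answer, then outbound NAT on WAN (assumed)."""
    if (pkt.src, pkt.dst, pkt.dport) != ("192.168.0.100", "192.168.0.1", 443):
        return None  # rule does not match; nothing is redirected
    return nat.out(pkt, src="4.5.6.7", dst="1.2.3.4")

def remote_fw_in(nat, pkt):
    """Remote firewall forwards 1.2.3.4:443 to the real server."""
    return nat.out(pkt, dst="192.168.0.1")

def round_trip(client_pkt):
    pf, remote = Nat(), Nat()
    on_wire = pfsense_lan_in(pf, client_pkt)
    if on_wire is None:
        return None
    at_server = remote_fw_in(remote, on_wire)
    # The server answers whoever it saw as the source.
    answer = Packet(at_server.dst, at_server.dport, at_server.src, at_server.sport)
    to_client = pf.back(remote.back(answer))
    return on_wire, at_server, to_client

if __name__ == "__main__":
    for hop in round_trip(Packet("192.168.0.100", 50000, "192.168.0.1", 443)):
        print(hop)
```

The last hop shows why the client is satisfied: the reply arrives with source 192.168.0.1:443, while the server only ever sees 4.5.6.7 as its peer.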