Route internal IP to different internal IP

  • Hi, we have software that we use the IP of to connect to.
    We have 8 hardware pfSense routers and 8 site-to-site IPsec VPNs set up, and all 8 different locations access this software through the VPN.
    Everyone uses this IP to connect to our software.

    Is it possible to somehow make it so that if anyone tries to connect to that IP (anywhere on the local or VPN networks) it will reroute them to the new location of

    I'm sure there are a million good reasons not to do this, but if we can temporarily do it then we can make the migration so much smoother.


  • Presuming you're accessing the software by TCP, if clients and server are on different network segments, connected to different pfSense interfaces, you can do that with a simple NAT port-forwarding rule.
    If both are connected to the same interface, a workaround with NAT port-forwarding on the WAN with NAT reflection + proxy should do it.

  • The best way to do things like this is to use DNS. Assign a DNS name to the server/service and use that for all of the clients. That way, when you do a migration, you only need to change the DNS entry (one change) versus making all of the individual changes on the clients. It also helps reduce the complexity of the routing you're attempting.

  • @tim-mcmanus Thank you for the tip. We have actually set that up already, but we are working off the old system and unfortunately it was all IP-driven. We are switching everything over now though, so this idea will probably work best.
    I have set it up so that will connect to the local IP if anything is within the local network OR the VPN, and if they are outside of the network then will connect them to the external IP of the router.

  • @viragomann Thank you, I will be looking into this and can hopefully figure it out. Seems like a good thing to know.

