    Port forwarding to multiple destination machines

      tnine last edited by

      Hi all,
        I have a rather odd question so I could use some pfSense expert input. We have a small test system that is fed data from an outside party we integrate with. Currently I just do a port forward from our WAN to a machine in our DMZ. We need to start working on some new protocol parsing, so I'd like to forward data from external port 8080 to port 8080 on 2 different boxes. 1 is in our DMZ, and 1 is a developer machine in our LAN. Is there any way to do this in pfSense either out of the box or with an add on? The messages are using TCP, not UDP, so I know an ACK would need to be sent for the original TCP packets. This introduces a problem, but I'd prefer to do it with pfSense rather than write an application that collects and forwards data.

      thanks,
      Todd

      • GruensFroeschli
        GruensFroeschli last edited by

        I don't think this is possible.
        Not from the pfSense side, but from the side of the second computer receiving the copied traffic.

        If it's just about sending all the traffic going to computer1 to computer2 as well: why don't you use a switch which supports mirroring?
        Set the interface on the developer computer into promiscuous and process the data.

        Or how did you imagine you'd want to keep the developer computer from responding to the "copied" traffic as well?

        • Cry Havok
          Cry Havok last edited by

          If both need to interact with the sender (i.e., TCP) then you're going to have to write a proxy/forwarder to perform the initial receipt and then forward on multiple copies.

          1 Reply Last reply Reply Quote 0
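A sketch of the proxy/forwarder approach from the last reply, added here as an example and not code from any poster or from pfSense. It assumes the existing WAN port forward is pointed at the host running this script; the addresses in `main()` are placeholders. The sender's stream is copied to both machines, only the primary (DMZ) host's replies are relayed back, and anything the mirror (developer) host sends is read and discarded, which answers the question of how to keep the second machine from responding.

```python
import asyncio

async def relay(reader, writers):
    """Copy bytes from reader to every writer until EOF, then close the writers."""
    try:
        while data := await reader.read(65536):
            for w in list(writers):
                try:
                    w.write(data)
                    await w.drain()
                except OSError:
                    writers.remove(w)  # a dead target must not stall the others
                    w.close()
    finally:
        for w in writers:
            w.close()

async def handle(client_r, client_w, primary, mirror):
    """One sender connection: fan out to both hosts, answer from primary only."""
    try:
        p_r, p_w = await asyncio.open_connection(*primary)
        upstream = [p_w]
        jobs = [relay(p_r, [client_w])]      # primary's replies go back to the sender
        try:
            m_r, m_w = await asyncio.open_connection(*mirror)
            upstream.append(m_w)
            jobs.append(relay(m_r, []))      # mirror's replies are read and dropped
        except OSError:
            pass                             # mirror down: keep serving the primary
        await asyncio.gather(relay(client_r, upstream), *jobs, return_exceptions=True)
    finally:
        client_w.close()

async def serve(listen, primary, mirror):
    """Start the listener; each argument is a (host, port) pair."""
    return await asyncio.start_server(
        lambda r, w: handle(r, w, primary, mirror), *listen)

async def main():
    # Placeholder addresses (assumptions): DMZ host as primary, developer host as mirror.
    server = await serve(("0.0.0.0", 8080), ("192.0.2.10", 8080), ("192.0.2.20", 8080))
    async with server:
        await server.serve_forever()

if __name__ == "__main__":
    asyncio.run(main())
```

Teardown is symmetric: when the sender or the primary host closes its side, the whole session, including the mirror connection, is closed.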