Configuring NAT overload in pfSense
-
I have an IPsec VPN tunnel between two sites where Router A is running pfSense and Router B is a third-party router as below:
LAN A---Router A (pfSense) <===IPsec tunnel===> Router B (third-party)---LAN B
Router A has routes to systems on remote networks, which hosts in LAN B should access. I want to configure NAT overload so that when a Host in LAN B accesses systems in the remote networks, the external system sees the source IP (from LAN A) of the pfSense box and not the source IP of the host on LAN B. How do you configure NAT overload in pfsense to do this? Tried searching online, but couldn't find any info on configuring NAT overload.
-
Wtf is 'nat overload'?
What you are describing seems to be just 'nat' ... Nothing fancy about it.I guess you just have to add a nat rule on the tunnel interface like you'd do on any other interface?
-
@heper said in Configuring NAT overload in pfSense:
Wtf is 'nat overload'?
http://www.firewall.cx/networking-topics/network-address-translation-nat/233-nat-overload-part-1.html
@heper said in Configuring NAT overload in pfSense:
I guess you just have to add a nat rule on the tunnel interface like you'd do on any other interface?
In the settings: Firewall > NAT, there is only:
-
Port Forward
-
1:1
-
Outbound
-
NPt
The closest one to my use case is 1:1 NAT, but additionally I want to keep track of which client the request belongs to by mapping the client to a specific port similar to NAT overload, i.e. Port Address Translation.
-
-
@tsame said in Configuring NAT overload in pfSense:
NAT overload
Also never heard this term.
What you're looking for might be the Outbound NAT in pfSense. "Outbound" because it translates the source addresses in packets when they are going out to an network port.
So select the LAN interface (that's where the packets going out), at source enter the LAN B network and set the translation to "interface address" (pfSense LAN IP).
-
Nat overload is a classic cisco term
Also called pat (port address translation) or plain nat as we know it in home appliances.