/30 nat on DMZ
-
Hello,
I have a /30 connecting to the ISP and a /28 which is my public IP's. The /30 is a private ip just for the connection. I have assigned a public IP on the DMZ. I would like to NAT my LAN traffic with that IP, furthermore I would like any hosts on the DMZ to not be NATED. Not sure how to do this on pfsense. Could someone point me in the right direction?Provider 192.168.1.0/30 -> PFSense WAN -> DMZ 1.2.3.4/28
-------------------------> PFSense LAN -> 10.0.0.0/24 -
I am looking for Outbound NAT setup.
I have create a Virtual IP for my DMZ network as type other and then network. I have gone ahead and enabled the outbound NAT on the firewall section with the virtual IP and the LAN as the source network.
I am still not able to ping out the internet. -
I don't think it's going to work to have the same public IP subnet on both the router WAN and the DMZ. It won't know where to route. I think you'll need to use 1:1 NAT to forward the IPs to the DMZ servers.
re: outbound NAT try
Source: IPofServer1/32
Destination: any (the Internet)
NAT Address: publicIPofServer1Also remember to set up firewall rules on the DMZ network allowing access out. They only exist by default on LAN.