Netgate Discussion Forum

    disable NAT for 1 network with multi-WAN

      ACNiC

      Hi,

      I am wondering if it is possible to disable NAT for 1 WAN interface.

      I have a kind of strange network. So let me explain.

      I have 2 ISPs: 1 uses a cable modem that I put in bridge mode, and the second ISP uses DSL that I cannot put in bridge mode. I put my pfSense box IP address in the DSL modem as DMZ host to open all ports to the pfSense box. So my network is behind the pfSense box with a bridged main ISP connection and a DMZ DSL ISP connection.

      In this scenario I want to utilize both my public IP addresses, but the DSL modem is acting weird with port forwards. So I was wondering if I could disable NAT for the DSL modem network/interface on pfSense to fix the problem.

      Also, I am not able to swap the DSL modem because some services of the ISP require the modem of the ISP.

      If there is any other suggestion I would love to hear it.

      ISP 1: Cable Modem (bridged) --> pfsense gets public ip address
      ISP 2: DSL Modem 192.168.2.1/24 --> pfsense 192.168.2.2/24 (DMZ)
      pfSense LAN = 192.168.1.0/24

      viragomann @ACNiC

        @acnic
        Possibly this bug? https://redmine.pfsense.org/issues/11805

        ACNiC @viragomann

          @viragomann Yes, I did read this thread after I posted this question, but if I connect to the LAN of the DSL modem and try i.e. 192.168.2.2:80 it works as it should, so I don't know if the bug applies to me.

          slu @ACNiC

            @acnic
            two gateways, you are affected by this bug...

            pfSense Gold subscription

            viragomann @ACNiC

              @acnic
              The failure of that bug is that pfSense always sends reply packets to the default gateway. So if you're on CE 2.5.1 and the DSL modem is not the default gateway, you will be affected.

              "but if I connect to the LAN of the DSL modem and try i.e. 192.168.2.2:80 it works as it should"

              When you're in the DSL modem's LAN and access pfSense, replies do not have to be directed to a gateway.
              This also means that you can do a workaround by masquerading incoming packets on the DSL router if it is capable of this function.

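The reply-path behaviour discussed in this thread, as an added example that is not part of any poster's message and is not pfSense code: a simplified model of which interface a reply leaves on, with and without working reply-to state. The interface names, the `cable-gateway` placeholder and the client addresses are assumptions; the 192.168.x.x networks are the ones given in the first post.

```python
import ipaddress

# Interface networks from the thread; interface and gateway names are assumed.
CONNECTED = {
    "WAN_DSL": ipaddress.ip_network("192.168.2.0/24"),
    "LAN": ipaddress.ip_network("192.168.1.0/24"),
}
DEFAULT_ROUTE = ("WAN_CABLE", "cable-gateway")  # placeholder next hop
DSL_GATEWAY = ("WAN_DSL", "192.168.2.1")

def reply_egress(src_seen, arrival_gw, reply_to_works):
    """Return (interface, next_hop) chosen for the reply to src_seen."""
    if reply_to_works:
        # The state remembers the gateway of the interface the request came in on.
        return arrival_gw
    # Without reply-to, only the routing table decides.
    dst = ipaddress.ip_address(src_seen)
    for ifname, net in CONNECTED.items():
        if dst in net:
            return (ifname, "on-link")
    return DEFAULT_ROUTE

def reply_is_symmetric(src_seen, arrival_gw, reply_to_works):
    """True when the reply leaves on the interface the request arrived on."""
    return reply_egress(src_seen, arrival_gw, reply_to_works)[0] == arrival_gw[0]

# Constructed scenarios: (label, source address as pfSense sees it, reply-to working?)
SCENARIOS = [
    ("internet client via DSL, reply-to working", "203.0.113.10", True),
    ("internet client via DSL, reply-to broken", "203.0.113.10", False),
    ("client inside the DSL modem LAN, reply-to broken", "192.168.2.50", False),
    ("modem masquerades source to 192.168.2.1, reply-to broken", "192.168.2.1", False),
]

def run():
    """Evaluate every scenario for a request that arrived on the DSL WAN."""
    return [
        (label, reply_egress(src, DSL_GATEWAY, ok), reply_is_symmetric(src, DSL_GATEWAY, ok))
        for label, src, ok in SCENARIOS
    ]

if __name__ == "__main__":
    for label, egress, symmetric in run():
        print(f"{label}: reply via {egress[0]} ({egress[1]}), symmetric={symmetric}")
```

Only the second scenario sends the reply out of the cable WAN, which is why the port forward fails from the internet yet the test from inside the modem's LAN succeeds.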