disable NAT for 1 network with multi-WAN
Hi,
I am wondering if it is possible to disable NAT for 1 WAN interface.
I have a kind of strange network. So let me explain.
I have 2 ISPs: one uses a cable modem that I put in bridge mode, and the second uses DSL that I cannot put in bridge mode. I put my pfSense box's IP address in the DSL modem as DMZ host to open all ports to the pfSense box. So my network is behind the pfSense box with a bridged main ISP connection and a DMZ DSL ISP connection.
In this scenario I want to utilize both my public IP addresses, but the DSL modem is acting weird with port forwards. So I was wondering if I could disable NAT for the DSL modem network/interface on pfSense to fix the problem.
Also, I am not able to swap the DSL modem because some services of the ISP require the modem of the ISP.
If there is any other suggestion i would love to hear.
ISP 1: Cable Modem (bridged) --> pfsense gets public ip address
ISP 2: DSL Modem 192.168.2.1/24 --> pfsense 192.168.2.2/24 (DMZ)
pfSense LAN = 192.168.1.0/24
@acnic
Possibly this bug: https://redmine.pfsense.org/issues/11805 ?
@viragomann yes, I did read this thread after I posted this question, but if I connect to the LAN of the DSL modem and try i.e. 192.168.2.2:80 it works as it should, so I don't know if the bug applies to me.
@acnic
two gateways, you are affected by this bug...
@acnic
The failure of that bug is that pfSense always sends reply packets to the default gateway. So if you're on CE 2.5.1 and the DSL modem is not the default gateway, you will be affected.
"but if I connect to the LAN of the DSL modem and try i.e. 192.168.2.2:80 it works as it should"
When you're in the DSL modem's LAN and access pfSense, replies do not have to be directed to a gateway.
This also means that you can do a workaround by masquerading incoming packets on the DSL router if it is capable of this function.