How to allow Wan to Wan Port forwarding?
-
Hi!
I can't use a VPN or proxy to solve my problem.
I just need to redirect the IP from the external WAN to another IP and port from the external WAN.
I have one network card and I don't use local network (I don't need it).
pfSense is installed on a dedicated server.
I'm trying to create a NAT rule but it doesn't work.
What are my ideas to allow traffic to the global network?
Outgoing packets go successfully, incoming packets only to the web interface. The firewall rules don't work.Translated with www.DeepL.com/Translator (free version)
-
@xenofobia said in How to allow Wan to Wan Port forwarding?:
I just need to redirect the IP from the external WAN to another IP and port from the external WAN.
Redirect to another IP on the same interface?
-
@viragomann
nope, I'm need redirect from external network to external network.
For example, user from Canada 100.42.23.* will connect to my dedicated server in Holland IP 181.214.206.:1234 and next it should be forward to my dedicated server in USA 102.129.201.:80, that is, these are IPs from external different networks!
Of course my dedicated server has one network card and one IP -
@xenofobia
Consider that this only works in combination with masquerading, i.e. the destination server sees your IP instead of the origin.The forwarding works with a simple port forwarding rule as you can add it for internal destination.
For the masquerading go into the outbound NAT settings, select the hybrid mode (or also manual, since you don't use internal networks) and save that.
Then add a rule to WAN where you have to set the source and destination to any, translation address is "interface address", which is even default, and save it.That's the whole magic.
-
@viragomann
You are a genius! It works!
I am very grateful to you!!! -
I do this with HAproxy - it also supports keeping the original source IP to the destination, I can also terminate SSL/TLS and change ports along the way - very versatile :)