• Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login
Netgate Discussion Forum
  • Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login

Multi Wan IP and NAT. Routing traffic from LAN host

Scheduled Pinned Locked Moved Routing and Multi WAN
4 Posts 2 Posters 670 Views
Loading More Posts
  • Oldest to Newest
  • Newest to Oldest
  • Most Votes
Reply
  • Reply as topic
Log in to reply
This topic has been deleted. Only users with topic management privileges can see it.
  • K
    Kasproso
    last edited by Nov 23, 2021, 11:39 AM

    Hi

    I was looking for solution since months, but none of the articles didn't help me.

    Case:
    I've got dedicated server on Hetzner, this server has also additional network with public IP's. In that server I got KVM with few virtual machines. On one of the VM's I've install pfsense as firewall and gateway for all VM's.
    I want to assign public ip's to some vm's. F.eg one of the vm's is a web and mail server. So using NAT I've assign 1:1 public IP <> Lan IP.
    Zrzut ekranu 2021-11-23 o 12.20.42.png
    And everything works fine. However if VM is connecting to some service in internet, it's visible as using main WAN IP, not IP assigned to it. But I would like to use different IP's for outgoing traffic.

    At this moment I got:

    incoming:
    WAN
    IP.A > host.A
    IP.B > host.B
    IP.C > Host.B

    Outgoing:
    Host.A > WAN
    Host.B > WAN
    Host.C > WAN

    But I would like to have:
    Host.A > IP.A
    Host.B > IP.B
    Host.C > IP.B

    I've try to manipulate with Gateways but still nothing. In Hetzner I got one GW for main IP and one GW for additional network. I've try to use both, but I can't assign different GW'a for each interface. or maybe I'm doing it wrong.

    Is it possible to achieve that? Maybe my network configuration on dedicated server is wrong?! I don't know.

    Thank's for any help

    V 1 Reply Last reply Nov 23, 2021, 1:39 PM Reply Quote 0
    • V
      viragomann @Kasproso
      last edited by Nov 23, 2021, 1:39 PM

      @kasproso
      Basically that's what NAT 1:1 is meant to do.
      However, you have to add the rules to WAN instead of internal interfaces at all.

      K 1 Reply Last reply Nov 23, 2021, 2:55 PM Reply Quote 0
      • K
        Kasproso @viragomann
        last edited by Nov 23, 2021, 2:55 PM

        @viragomann ok, thank's.

        So am I doing it wrong?
        If this is ok, how the role should looks like? I was trying to figure it out, but maybe I'm not smart enough.

        V 1 Reply Last reply Nov 23, 2021, 3:11 PM Reply Quote 0
        • V
          viragomann @Kasproso
          last edited by Nov 23, 2021, 3:11 PM

          @kasproso
          https://docs.netgate.com/pfsense/en/latest/nat/1-1.html#nat

          NAT 1:1 does network address translation on both, inbound and outbound traffic.
          The interface you want apply this might be WAN rather than an internal interface, naturally.

          1 Reply Last reply Reply Quote 0
          1 out of 4
          • First post
            1/4
            Last post
          Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.
            This community forum collects and processes your personal information.
            consent.not_received