Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Outbound NAT?

    NAT
    3
    25
    1.9k
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • johnpozJ
      johnpoz LAYER 8 Global Moderator @gatenet
      last edited by

      @gatenet said in Outbound NAT?:

      I just removed the gateway from the LAN2 interface

      Out of curiosity - what did you have there? In your network drawing there is nothing you could of pointed to on the 192.168.16 network that would of been able to get to other networks.

      An intelligent man is sometimes forced to be drunk to spend time with his fools
      If you get confused: Listen to the Music Play
      Please don't Chat/PM me for help, unless mod related
      SG-4860 24.11 | Lab VMs 2.7.2, 24.11

      G 1 Reply Last reply Reply Quote 0
      • G
        gatenet @johnpoz
        last edited by

        @johnpoz Well, there is a twist.

        I had the gateway there 192.168.16.1 (its a router without an internet connection, it is in the drawing).

        And now I know why I put it there when I was setting this up a few years ago.

        There is a monitoring server also on LAN1 that makes SNMP querys to this LAN2. And this stopped working now when I removed this gateway from the LAN2 interface.

        So I have a new problem to solve now :) yaaaaay

        johnpozJ 1 Reply Last reply Reply Quote 0
        • johnpozJ
          johnpoz LAYER 8 Global Moderator @gatenet
          last edited by johnpoz

          @gatenet said in Outbound NAT?:

          There is a monitoring server also on LAN1 that makes SNMP querys to this LAN2.

          That sure and the hell has zero to do with a gateway setting on lan 2 interface.

          Your problem with talking to device on lan 2 from lan 1, is if your lan 2 devices point to that 16.1 as a gateway? Gateway to what? You show it has no internet access. So what does it have access to? From your drawing this 192.168.16.1 is pointless device..

          Your devices on 192.168.16 should point to the pfsense lan 2 IP as their gateway.. If you don't want these devices to have internet, then don't allow them internet access.

          If this 192.168.16.1 device is router to other networks, then it should be attached to pfsense via transit network and you can correctly route all your local networks, etc. etc..

          What other networks does this 16.1 have access to?

          An intelligent man is sometimes forced to be drunk to spend time with his fools
          If you get confused: Listen to the Music Play
          Please don't Chat/PM me for help, unless mod related
          SG-4860 24.11 | Lab VMs 2.7.2, 24.11

          G 1 Reply Last reply Reply Quote 0
          • G
            gatenet @johnpoz
            last edited by

            @johnpoz Well, one would think that. But that device is a VPN concentrator for access to many different networks, this 192.168.16.x being one of them.

            Its quite a rigid setup on this 192.168.16.1 device, no internet allowed out. That is why my idea for getting emails out was using a pfsense, since messing with this main gateway could break other more important things... And this works now thanks to you.

            johnpozJ 1 Reply Last reply Reply Quote 0
            • johnpozJ
              johnpoz LAYER 8 Global Moderator @gatenet
              last edited by

              @gatenet well if you lan 1 devices that need to talk to lan 2 devices that point to 192.168.16.1 as their default gateway.

              Just source nat your traffic from lan 1 so it looks like it comes from pfsense lan 2 IP via outbound nat on the lan 2 interface.

              An intelligent man is sometimes forced to be drunk to spend time with his fools
              If you get confused: Listen to the Music Play
              Please don't Chat/PM me for help, unless mod related
              SG-4860 24.11 | Lab VMs 2.7.2, 24.11

              1 Reply Last reply Reply Quote 0
              • First post
                Last post
              Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.