Can I NAT from WAN to OPT1?

  • I would like to NAT some traffic from my WAN port to an OPT port.

    Is it possible?

    The NAT screen has no option to choose the internal interface.
    Will it automatically select the correct interface dependent on the IP used?

  • To do this you create a firewall rule that matches the traffic you want to go out OPT1, on the LAN interface, and for the Gateway option select the OPT1 gateway.

    If you want to set up failover to your other WAN, you can read the MultiWAN howto on the doc wiki. The process is similar, you just have to create the failover pool in the load balancer and then use that as the gateway instead.

  • Thank you for the reply, but I believe it didn't answer my question, or I just didn't understand…

    I have 1 WAN port, and I would like some NAT'd traffic to hit a DMZ on OPT.

    Sounds like you were talking about 2 WANs...

  • In that case, then you're right, and I believe this will work with an AoN rule specified, but it's not a configuration I've used or tested.

    Sorry for the confusion. In my opinion NAT is a kludge that you should never need to use on an internal network, and one that should be avoided whenever possible, so I just never thought at all about using it on the LAN/DMZ.

  • I did setups like this (although only temporarily, as a workaround).
    Yes, you can enable AoN and create a rule to NAT traffic from the WAN to an OPT.

    More importantly: Why do you need that, and what is your goal?

    In my setup I had to access a manageable switch, but it wasn't possible to set a default gateway on this switch.
    With this workaround (it's sometimes called "source NAT") it was possible to access the switch, since the visible source was the pfSense --> in the same subnet --> directly reachable without a default gateway.
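
The source-NAT workaround from the last post, modeled as an added example that is not part of the thread and is not pfSense code: a device without a default gateway can only answer on-link sources, so rewriting the source to the firewall's OPT1 address makes the reply routable, and the firewall's state table maps it back to the real client. All addresses, the port, and the class names are constructed for illustration, and port translation is left out.

```python
import ipaddress

class Device:
    """A host with one interface and an optional default gateway."""
    def __init__(self, addr, gateway=None):
        self.iface = ipaddress.ip_interface(addr)
        self.gateway = gateway

    def next_hop(self, dst):
        """Where a packet to dst is sent, or None if there is no route."""
        if ipaddress.ip_address(dst) in self.iface.network:
            return dst          # on-link: delivered directly
        return self.gateway     # off-link: only possible via a gateway

class Firewall:
    """Forwards WAN traffic out OPT1, optionally rewriting the source."""
    def __init__(self, opt_ip, source_nat):
        self.opt_ip = opt_ip
        self.source_nat = source_nat
        self.states = {}        # (visible_src, sport, dst) -> original src

    def outbound(self, src, sport, dst):
        visible = self.opt_ip if self.source_nat else src
        self.states[(visible, sport, dst)] = src
        return visible, sport, dst

    def reply(self, src, dst, dport):
        """Match a reply against the state table; return the real client."""
        return self.states.get((dst, dport, src))

def round_trip(client, device, fw, sport=40000):
    """Return the client that receives the device's reply, or None."""
    dev_ip = str(device.iface.ip)
    visible_src, sport, _ = fw.outbound(client, sport, dev_ip)
    hop = device.next_hop(visible_src)
    if hop != fw.opt_ip:        # no route back through the firewall
        return None
    return fw.reply(dev_ip, visible_src, sport)

# Constructed sample topology (documentation/private address ranges).
CLIENT = "203.0.113.10"         # host on the WAN side
FW_OPT1 = "192.168.50.1"        # firewall address on OPT1
SWITCH = Device("192.168.50.2/24")   # no default gateway configured

if __name__ == "__main__":
    for nat in (False, True):
        got = round_trip(CLIENT, SWITCH, Firewall(FW_OPT1, nat))
        print(f"source NAT={nat}: reply delivered to {got}")
```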

