NAT rule
-
Hi Guys,
AWS pfSense running with 2 NICs, internal and external.
Port forwards work OK, but
I need to have my AWS security group wide open to my destination servers (web, mail, etc., for port forwards to work), as the source shows the external IP the request is originally coming from, not the pfSense box as I would have expected?
Any assistance or guidance would be great.
Cheers!
-
@bigunit99
Basically pfSense applies a NAT rule on outbound traffic automatically if there is a gateway stated on the outgoing interface.
So check in the WAN interface settings whether the gateway is there. Assuming your WAN has a static IP.
-
No, sorry, I'm speaking of NAT port forwarding rules from ext to int.
-
@bigunit99
I see, but it’s usually desired to see the origin IP address, to know where the request is coming from. However, if you don’t care about that, you can also masquerade inbound traffic with an outbound NAT rule. You have to add it manually, though.
To do so, switch over the outbound NAT to hybrid mode. Then add a rule:
Interface: LAN
Protocol: TCP or whatever you need
Source: any
Destination: LAN net or an alias which includes the desired IPs
Destination port: any or an alias which includes the ports you need
Translation: interface address