Outbound Traffic ip forwarding
-
hi all, first sorry for my bad english,
i want to forward Outbound connettion to another ip,For example,
same application try to connect to 88.88.88.88 wan ip. i wantto redirect this connettion to 99.99.99.99 wan ip. both of ip's internet ip. not local. i try outbound nat, port forwarding but not worked. -
@soner_balci
I assume, you're talking about connection from devices inside your local network.
So you have to do this with a NAT port forward rule. Add a new rule, select the interface, where the connections are coming in, e.g. LAN. If you want to apply this rule to certain source devices only, enter the IP, subnet or alias as source, as destination state 88.88.88.88 and at redirect target enter 99.99.99.99. -
@viragomann
both ip's outside my local network -
@soner_balci
Then you need both, a port forwarding and an outbound NAT rule. Consider that the latter replaces the origin source IP with your public IP. Hence the destination host can only see your IP, but not the origin source.Port forwarding is as explained above, but even you need the rule to apply on the WAN interface.
In the outbound NAT settings, activate the hybrid mode if it's still in automatic mode.
Then add a rule similar this:
interface: WAN (outgoing)
source: any or certain IPs, subnet, alias
destination: 99.99.99.99
translation: interface address -
@viragomann
i was traying only port forward or outbound nat.
now its working. thank you so so much for your help. -
@viragomann
in my virtual machine its working. but on another physical server it not worked. when i checck status screen i see error like this;192.168.1.145:64877 -> 99.99.99.99 (88.88.88.88 :80) CLOSED:SYN_SENT
-
@soner_balci
I'd not expect to see a private address in this connection status.
Does this router have a private WAN address?
If so there must be a router in front of it, who has to do the masquerading accordingly. Rather this router should do the forwarding as well. Maybe that doesn't work or has to be configured yet. -
@viragomann pfsense wan adress is http://192.168.1.250/. and it working behind a another router.
Do I need to do port forwarding on the main router as well? -
@soner_balci
So what is the IP 192.168.1.145? The main router?The idea was doing this all on the front router. But maybe that's not possible due to insufficient functions.
-
@viragomann 192.168.1.145 is client ip. router 192.168.1.1. front router is not advanced enough to do this job. thats why i want to do this with pfsense
-
@soner_balci
The the request does obviously not come from the internet.
Otherwise you should not see a private source IP.