Netgate Discussion Forum

    Routing Internet Traffic via Windows computer Without Changing Default Gateway

    Routing and Multi WAN
    • AlcMat

      Hello, just for testing purposes, in case of an internet provider outage, I want to route all local network internet traffic through a Windows 11 machine that is connected to the local network via Ethernet and to a mobile hotspot via Wi-Fi, while keeping the pfSense firewall as the default gateway for all network devices.

      Network Scenario

      • pfSense firewall (LAN interface): 10.0.0.1 (default gateway for all devices)
      • Windows 11 machine (Ethernet - LAN): 10.0.0.10 (static IP)
      • Windows 11 machine (Wi-Fi - Hotspot): 192.168.137.2 (automatically assigned by mobile phone)

      Goal

      My objective is to allow all devices on the 10.0.0.0/24 network to access the internet through the Windows 11 machine's Wi-Fi connection, without requiring any changes to their default gateway (which must remain 10.0.0.1).

      What I Have Tried So Far

      I have attempted the following approach, but it has not worked successfully:

      1. Enabling IP forwarding on Windows (IPEnableRouter in the registry) and turning off Windows Firewall
      2. Adding Windows (10.0.0.10) as the main gateway on pfSense

      Maybe a NAT problem?

      Any guidance would be greatly appreciated. Thank you in advance for your help!

      • viragomann @AlcMat

        @AlcMat said in Routing Internet Traffic via Windows computer Without Changing Default Gateway:

        Enabling IP forwarding on Windows (IPEnableRouter in the registry) and turning off Windows Firewall
        Adding Windows (10.0.0.10) as the main gateway on pfSense
        

        Maybe a NAT problem?

        You also have to masquerade the traffic with an outbound NAT rule to avoid asymmetric routing.

        Enable the hybrid mode in the outbound NAT.
        Add a rule:
        interface: LAN
        source: LAN net
        destination: any
        translation: interface address (LAN address)

        You can also configure a gateway group on pfSense to do the failover automatically.

        • AlcMat @viragomann

          @viragomann I have this outbound rule but I get stuck here:

          tracert 9.9.9.9:
          
          1    <1 ms    <1 ms    <1 ms  firewall.pfsense [10.0.0.1]
          2    <1 ms     *        *     Computer.with.hotspot.wifi [10.0.0.10]
          3     *        *        *     Request timed out.
          
          • viragomann @AlcMat

            @AlcMat
            Sniff the traffic to see if the masquerading rule works properly.

            If it's fine, that's all you can do on pfSense. Then there might be something wrong on the Windows machine.

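One way to carry out the check suggested in the last reply, as an added example that is not part of the original posts: the script reads `tcpdump -e -n` output captured on the pfSense LAN interface and reports whether the frames pfSense forwards toward 10.0.0.10 carry the LAN address 10.0.0.1 as their source. The MAC addresses, the client 10.0.0.5 and the capture lines are constructed for illustration.

```python
import ipaddress
import re

# IPs are from the thread; the MACs and the client 10.0.0.5 are constructed.
LAN_NET = ipaddress.ip_network("10.0.0.0/24")
PFSENSE_LAN_IP = ipaddress.ip_address("10.0.0.1")
PFSENSE_LAN_MAC = "02:00:00:00:00:01"  # placeholder for the pfSense LAN NIC

MAC = r"(?:[0-9a-f]{2}:){5}[0-9a-f]{2}"
IP = r"\d{1,3}(?:\.\d{1,3}){3}"
FRAME = re.compile(
    rf"(?P<smac>{MAC}) > {MAC}, ethertype IPv4 \(0x0800\), length \d+: "
    rf"(?P<src>{IP})(?:\.\d+)? > (?P<dst>{IP})(?:\.\d+)?:",
    re.IGNORECASE,
)

def check_masquerade(capture):
    """Classify routed frames sent by pfSense into (translated, leaked) pairs."""
    translated, leaked = [], []
    for line in capture.splitlines():
        m = FRAME.search(line)
        if not m or m["smac"].lower() != PFSENSE_LAN_MAC:
            continue  # not IPv4, or not transmitted by pfSense
        src, dst = ipaddress.ip_address(m["src"]), ipaddress.ip_address(m["dst"])
        if dst in LAN_NET:
            continue  # delivery to a LAN host, not traffic routed via 10.0.0.10
        if src == PFSENSE_LAN_IP:
            translated.append((str(src), str(dst)))  # masqueraded to the LAN address
        elif src in LAN_NET:
            leaked.append((str(src), str(dst)))  # client address left untranslated
    return translated, leaked

# Constructed capture lines: outbound NAT rule not matching, then matching.
WITHOUT_RULE = """\
12:00:00.000100 02:00:00:00:00:05 > 02:00:00:00:00:01, ethertype IPv4 (0x0800), length 98: 10.0.0.5 > 9.9.9.9: ICMP echo request, id 1, seq 1, length 64
12:00:00.000200 02:00:00:00:00:01 > 02:00:00:00:00:10, ethertype IPv4 (0x0800), length 98: 10.0.0.5 > 9.9.9.9: ICMP echo request, id 1, seq 1, length 64
"""
WITH_RULE = """\
12:00:00.000100 02:00:00:00:00:05 > 02:00:00:00:00:01, ethertype IPv4 (0x0800), length 74: 10.0.0.5.51234 > 9.9.9.9.443: Flags [S], length 0
12:00:00.000200 02:00:00:00:00:01 > 02:00:00:00:00:10, ethertype IPv4 (0x0800), length 74: 10.0.0.1.40001 > 9.9.9.9.443: Flags [S], length 0
12:00:00.030000 02:00:00:00:00:10 > 02:00:00:00:00:01, ethertype IPv4 (0x0800), length 74: 9.9.9.9.443 > 10.0.0.1.40001: Flags [S.], length 0
12:00:00.030100 02:00:00:00:00:01 > 02:00:00:00:00:05, ethertype IPv4 (0x0800), length 74: 9.9.9.9.443 > 10.0.0.5.51234: Flags [S.], length 0
"""

if __name__ == "__main__":
    for name, cap in (("without rule", WITHOUT_RULE), ("with rule", WITH_RULE)):
        translated, leaked = check_masquerade(cap)
        print(f"{name}: translated={translated} leaked={leaked}")
```

Any entry in the leaked list means the Windows machine sees the client's own address and can answer it directly on the LAN, bypassing pfSense, which is the asymmetric path the outbound NAT rule is meant to prevent.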
            Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.