Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Any way to preserve source address instead of NAT'ing?

    Scheduled Pinned Locked Moved General pfSense Questions
    3 Posts 2 Posters 1.4k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • S
      stevemitchell
      last edited by

      Hello,

      I am using pfsense between two LAN segments.  One side is connected to the WAN, the "outside" network that I don't manage, and the LAN interface is connected to the network I manage.

      I need the source addresses that are on the LAN segment to show up on the WAN side when people make connections. I don't want one of the firewall's IPs to show up when someone SSH'es through to another host on the WAN side.

      I thought I had this working, but it doesn't seem to be anymore.  I am using CARP, and not bridging.  I do not want to bridge if I can help it.

      Is there a way to do this?  Perhaps not using the WAN interface, and just using LAN and an OPT interface? Am I missing something obvious?

      1 Reply Last reply Reply Quote 0
      • D
        danswartz
        last edited by

        Not 100% sure of this, but try the following: in NAT, go to outbound, and switch to AON (manual NAT).  It will create a default rule.  Then, manually create a new rule where the destination is the subnet for the WAN.  Click the checkbox at the top that says "no NAT".  Then, make sure you move that rule to be before the default one.  Give that a try?

        1 Reply Last reply Reply Quote 0
        • S
          stevemitchell
          last edited by

          Thanks - I'll give that a try… sounds like it work work perfectly.

          1 Reply Last reply Reply Quote 0
          • First post
            Last post
          Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.