Cannot disable NAT on PFSense 2.7.2 CE
-
On PFsense 2.7.2 CE (206.x.y.41/29), I have BGP running, and setup some hosts on the BGP subnet. For some strange reason, I cannot NAT disabled. Hence, when host on one of the other public IP subnets (196.x.y.70/26 or 196.x.y.66/26) connects to the internet, is is seen as the internet gateway, i.e. 206.x.y.41/29.
This causes major issues as the traffic is NAT'ed. cPanel, for example cannot license the server as
the wrong IP comes up.
-
@BlueSun said in Cannot disable NAT on PFSense 2.7.2 CE:
setup some hosts on the BGP subnet
If you set a gateway in the interface settings, pfSense automatically creates a NAT rule for that subnet. Have you set one for the BGP subnet?
Netgate pfSense docu: Default NAT Configuration:
"For detecting WAN-type interfaces for use with NAT, pfSense software looks for the presence of a gateway selected on the interface configuration if it has a static IP address,..."
-
@patient0 said in Cannot disable NAT on PFSense 2.7.2 CE:
@BlueSun said in Cannot disable NAT on PFSense 2.7.2 CE:
setup some hosts on the BGP subnet
If you set a gateway in the interface settings, pfSense automatically creates a NAT rule for that subnet. Have you set one for the BGP subnet?
Netgate pfSense docu: Default NAT Configuration:
"For detecting WAN-type interfaces for use with NAT, pfSense software looks for the presence of a gateway selected on the interface configuration if it has a static IP address,..."
I have setup a default gateway for the BGP subnet.
-
@BlueSun ok, I'm generally out of my depth in regards to BGP.
All I can say if you set a gateway in the interface settings (see screenshot) then pfSense creates NAT rules automatically, if outbound NAT is set to automatic or hybrid.
But since you have disable outbound NAT I can't see your traffic being NAT-ted at all.
Are you using the FRR packages and if yes did you have a look at pfSense Docu: BGP Example Configuraton for a start?
