Netgate Discussion Forum
Redirect SMTP and HTTP traffic with virtual IP from a specific source alone

    Eugene
    last edited by Apr 7, 2010, 5:46 PM

    kpa is right.

    http://ru.doc.pfsense.org

      djvenky
      last edited by Apr 7, 2010, 5:52 PM Apr 7, 2010, 5:50 PM

      Actually we have two ISPs. One is WAN [Reliance] and the other one is Aircel. In this I am trying to route a specific source to any using an additional static IP from the Aircel ISP, which starts with the 58.x.x.x series.

        Eugene
        last edited by Apr 7, 2010, 5:53 PM

        In this case you have to choose proper Gateway in Firewall->Rules for this specific traffic.

        http://ru.doc.pfsense.org

          djvenky
          last edited by Apr 7, 2010, 6:29 PM Apr 7, 2010, 6:13 PM

          Okay, I think I am making some other mistake. Internet doesn't even work when I just set the outbound NAT rule. It just starts saying "looking up google.com" when I hit it in the browser. If I just allow full access to the domain and DNS server in Rules -> LAN, isn't that enough? Or do I have to add any specific rules?

          But it didn't state "connecting to google.com" when I hit it in the browser, so I am assuming it's only DNS resolution that needs to be corrected.
          Any clues where I would have gone wrong?

            djvenky
            last edited by Apr 7, 2010, 6:29 PM

            @Eugene:

            In this case you have to choose proper Gateway in Firewall->Rules for this specific traffic.

            Yes, I checked it; it's all set correctly to the corresponding GW.

              Eugene
              last edited by Apr 7, 2010, 6:36 PM

              How many interfaces do you have?

              http://ru.doc.pfsense.org

                djvenky
                last edited by Apr 8, 2010, 5:42 AM

                3 interfaces:
                1. LAN
                2. WAN - Reliance ISP
                3. Aircel - ISP

                  Eugene
                  last edited by Apr 8, 2010, 1:47 PM

                  How come you have two networks, 172.17.0.0/16 and 172.16.0.0/16, on LAN? What are the settings (IP address/mask) on your LAN interface?

                  http://ru.doc.pfsense.org

                    djvenky
                    last edited by Apr 8, 2010, 2:25 PM Apr 8, 2010, 2:23 PM

                    Actually our local LAN network is separated into different VLANs using Cisco Catalyst switches.

                    IP: 172.16.0.0/16 and 172.17.0.0/16 and 10.5.0.0/16
                    172.17.x.x for wireless and 172.16.x.x for servers and 10.5.x.x for desktops, like that.

                      Eugene
                      last edited by Apr 8, 2010, 2:26 PM

                      A little diagram/explanation would definitely help here:
                      172.16.0.0/16 vlan x----|catalyst|?.?.?.?/? vlan ?-----?.?.?.?/?pfSense
                      172.17.0.0/16 vlan y----|        |

                      http://ru.doc.pfsense.org

                        djvenky
                        last edited by Apr 8, 2010, 2:41 PM Apr 8, 2010, 2:34 PM

                        That's gonna be a little hard... I will try to explain it to you the best I can.

                        First --> server network [172.16.x.x/16] VLAN 10 --> connected to layer 3 switch --> connected to pfSense [for internet]

                        GW - 172.16.1.10 for server VLAN --> route 0.0.0.0 0.0.0.0 to pfSense 172.16.1.254 --> packets hit pfSense here.
                        Why VLANs? Because we have a few departments whose systems or files should not be accessed by others, and for the wifi we have about 5 profiles,
                        like VIP, staff and guest, so each profile gets a different IP range and cannot access the other networks. And why Cisco switches? Because they have a concept of stacking, which gives a master and a slave switch, and both are bound together, including the ports. Each port is 1 Gbps, so when bound it will work at 2 Gbps, and even when one switch is down, it will still start working on the other one.

                          Eugene
                          last edited by Apr 8, 2010, 4:19 PM

                          Then I suspect you have to have on pfSense:
                          1. Rules on LAN allowing net 172.16.0.0/16 to go to Internet using default gateway.
                          2. Rules on LAN allowing net 172.17.0.0/16 to go to Internet using default 58.xx gateway.
                          3. Rules on LAN allowing net xxx to go to Internet using ??? gateway.
                          "allow to go to Internet" means TCP/UDP port 53, TCP ports 80 and 443 at least (and ICMP if you wish).

                          On NAT->Outbound page you have to create NAT entries for all subnets on proper interfaces.

                          http://ru.doc.pfsense.org

                            djvenky
                            last edited by Apr 10, 2010, 4:41 AM

                            Yep Eugene, at last got it to work. Thanks for all the help.

                            After adding DNS servers in the rule, it all started to work.

                            Thanks,
                            Venkat
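
An added example, not part of any post in this thread: a small audit of the checklist Eugene gives (per-subnet pass rules for DNS, HTTP and HTTPS, plus an outbound NAT entry on the interface of the chosen gateway). The rule and NAT data are constructed, the gateway and interface names are hypothetical, and the "before" state assumes the fix reported above corresponds to a missing port 53 rule for the policy-routed subnet.

```python
import ipaddress

# Minimum egress from the thread: DNS on TCP/UDP 53, plus TCP 80 and 443.
REQUIRED = {("tcp", 53), ("udp", 53), ("tcp", 80), ("tcp", 443)}

def covers(entry_src, net):
    """True if a rule or NAT entry's source network contains the subnet."""
    return net.subnet_of(ipaddress.ip_network(entry_src))

def audit(subnets, rules, nat_entries, gw_iface):
    """Return {subnet: [problems]}; an empty list means the subnet is covered."""
    report = {}
    for net in map(ipaddress.ip_network, subnets):
        mine = [r for r in rules if covers(r["src"], net)]
        allowed = {(r["proto"], port) for r in mine for port in r["ports"]}
        problems = [f"no pass rule for {proto}/{port}"
                    for proto, port in sorted(REQUIRED - allowed)]
        # Each gateway picked by the subnet's rules needs NAT on its interface.
        for iface in sorted({gw_iface[r["gateway"]] for r in mine}):
            if not any(n["iface"] == iface and covers(n["src"], net)
                       for n in nat_entries):
                problems.append(f"no outbound NAT on {iface}")
        report[str(net)] = problems
    return report

# Constructed sample data (gateway and interface names are hypothetical).
SUBNETS = ["172.16.0.0/16", "172.17.0.0/16", "10.5.0.0/16"]
GW_IFACE = {"default": "WAN", "AIRCEL_GW": "AIRCEL"}
NAT = [{"iface": "WAN", "src": "172.16.0.0/16"},
       {"iface": "AIRCEL", "src": "172.17.0.0/16"}]
WEB = [("tcp", [80, 443])]
DNS = [("tcp", [53]), ("udp", [53])]

def make_rules(src, gateway, services):
    """Expand (proto, ports) pairs into one LAN rule per protocol."""
    return [{"src": src, "gateway": gateway, "proto": p, "ports": ports}
            for p, ports in services]

# Before: the policy-routed subnet passes web traffic but not DNS.
BEFORE = (make_rules("172.16.0.0/16", "default", WEB + DNS)
          + make_rules("172.17.0.0/16", "AIRCEL_GW", WEB))
# After: DNS is allowed for the policy-routed subnet as well.
AFTER = BEFORE + make_rules("172.17.0.0/16", "AIRCEL_GW", DNS)

if __name__ == "__main__":
    for label, rules in (("before", BEFORE), ("after", AFTER)):
        print(label, audit(SUBNETS, rules, NAT, GW_IFACE))
```

The 10.5.0.0/16 subnet has no rules in the sample data, so it is reported as fully uncovered, matching the third item in Eugene's list where the gateway is still undecided.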

                            Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.