4. MPLS no nat

MPLS no nat

  • J

    I am going to have point to point lines installed that will have their own subnet and own port on the firewall. What my question is what is the most effective way to turn off Nating between each lan and have it on for the internet access.

    My original thought would be under AON to create a rule going between subnets to have the not nat option selected.

    0

  • NAT between OPTs and LAN is off per default.

    If you're using AoN.
    Have a single rule for the WAN, with as source your NATed subnets.
    Make sure you dont have any rules for LAN/OPTs.

    No rule = no NAT.

    0
  • J

    Ohh ok cool now you put it that way kinda obvious. Thanks

    0
  • Rebel Alliance Developer Netgate

    Actually, if you put a gateway on the OPT interface settings, it may get NAT applied since it is then considered a WAN-type interface.

    But it's easy to get around that by doing as GruensFroeschli said: enable Manual Outbound NAT (AON), and make sure you do not have a rule set there for the OPT interface.

    0
Log in to reply
 

Products

Applications

Support

Services

News

Resources

Company

Our Mission

As host of the pfSense open source firewall project, Netgate believes in enhancing network connectivity that maintains both security and privacy. We also believe everyone should be able to afford it.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive for past announcements.

© Copyright 2002 - 2019 Rubicon Communications, LLC | Privacy Policy