New Setup Query - LAN Client IP on WAN



  • I have just installed pfsense for the first time and hope that someone can help with my setup. I'm sure its simple but i am a novice when it comes to networking…

    Heres the setup:

    WAN - Main Network
    Range: 10.12.172.x

    LAN - New Guest Network
    Range: 10.12.173.x
    DHCP Server Enabled

    With the current setup the clients on the LAN network are able to get to the internet via our proxy and to servers on the WAN that Ive specified in the firewall rules.

    The proxy server and web filtering is provided by our ISP and uses the clients IP address to filter web traffic. The issue i currently have it that the LAN clients are being seen by the proxy/web filtering as the pfsense WAN interface IP address rather than their own 10.12.173.x address. Therefore I am unable to filter web traffic per IP on LAN.

    From searching the forums for an answer i have come across NAT 1:1 and bridging… Can someone please explain what the correct method is. Thank You



  • I think  you may have meant to say "The issue i currently have it that the LAN clients are being seen by the proxy/web filtering as the pfsense WAN interface IP address", no?  That would certainly be the default behavior.  That said, if your WAN IP is a non-routeable subnet, that implies that someone upstream of you (your ISP) is doing some sort of NAT, correct?  If so, the answer would be to stop NAT'ing the traffic outbound from pfsense.



  • I apologize.. I did mean the WAN interface IP. Can you please explain how i would go about "stop NAT'ing the traffic outbound from pfsense" Thanks



  • I believe the easiest way is to go to Firewall => NAT => Outbound and switch from automatic to manual NAT.  You should see a rule appear referring to the LAN.  Delete it.



  • Thanks for your help. I will try this tomorrow and will post the result.


Log in to reply