Netgate Discussion Forum

    Transparent something so just one ip range is snat'ed.

      meleehunt

      Will pfSense do this, and is it a transparent proxy, a transparent bridge, or something else I need?

      Scenario.

      I have rules on one firewall I cannot change and we don't want to change. There is one small subnet that has its own ruleset that comes in our firewall on the internet interface and goes out on the LAN interface. I want to transparently intercept these so the source is NATed and they will go back to the internet interface when they leave.

      So basically, if this range comes in on the internet it goes out on the internet; if it comes in on the intranet it goes out on the intranet. I am willing to put something on the internet side that would alter that subnet only. I just do not want to change the internal firewall interfaces.

      i.e. 200.100.100.10  internet address for the https web server
           100.100.100.10  intranet address for the same https web server

      Source IP 150.150.150.10

      If the traffic comes in from 100.100.100.1, the LAN interface, it goes out that one just fine.
      If the traffic comes in from 200.100.100.1, the WAN interface, it goes out the 100.100.100.1, so it gets lost.

      Any ideas?

      Thank you.

      Melee.

      Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.