Transparent something so just one IP range is SNAT'ed.



  • Will pfSense do this, and is it a transparent proxy, a transparent bridge, or something else I need?

    Scenario.

    I have rules on one firewall I cannot change and we don't want to change. There is one small subnet that has its own ruleset that comes in our firewall on the internet interface and goes out on the LAN interface. I want to transparently intercept these so the source is NATted and they will go back to the internet interface when they leave.

    So basically, if this range comes in on the internet it goes out on the internet; if it comes in on the intranet it goes out on the intranet. I am willing to put something on the internet side that would alter that subnet only. I just do not want to change the internal firewall interfaces.

    i.e.  200.100.100.10  internet address for HTTPS web server
          100.100.100.10  intranet address for the same HTTPS web server

    Source IP 150.150.150.10

    If the traffic comes in from 100.100.100.1, the LAN interface, it goes out that one just fine.
    If the traffic comes in from 200.100.100.1, the WAN interface, it goes out the 100.100.100.1, so it gets lost.

    Any ideas?

    Thank you.

    Melee.

