Transparent something so just one IP range is SNAT'ed.
meleehunt last edited by
Will pfSense do this, and is it a transparent proxy or transparent bridge or something else I need?
I have rules on one firewall I cannot change and we don't want to change. There is one small subnet that has its own ruleset that comes in our firewall on the internet interface and goes out on the LAN interface. I want to transparently intercept these so the source is NATed and they will go back to the internet interface when they leave.
So basically, if this range comes in on the internet it goes out on the internet; if it comes in on the intranet it goes out on the intranet. I am willing to put something on the internet side that would alter that subnet only. I just do not want to change the internal firewall interfaces.
i.e. 126.96.36.199 internet address for HTTPS web server
100.100.100.10 intranet address for the same HTTPS web server
Source IP 188.8.131.52
If the traffic comes in from 100.100.100.1, the LAN interface, it goes out that one just fine.
If the traffic comes in from 184.108.40.206, the WAN interface, it goes out 100.100.100.1, so it gets lost.