Disable NAT/Firewall?

Hayvosh · Feb 1, 2011, 11:59 AM

Hello,

I have a question, I currently got a pfSense server running multiwan to get my internetspeed boosted.
However, I don't like the NAT/Firewall in pfSense at all.

And here's my question, I have a Cisco firewall I'd like to use instead like this :

INTERNET –-> pfSense server for multiwan (NAT/FW off) ----> Cisco Firewall ----> LAN

Question is how i set up the pfsense server to get this working, I only want the pfsense server to do the multiwan thing and nothing else and let the cisco fw do the rest.

Help/guide/tutorial is greatly appreciated!

Hayvosh · Feb 2, 2011, 6:16 PM

No one that has a clue about this? ???

jimp · Feb 2, 2011, 7:08 PM

You can't do multi-wan with the firewall off.

Multi-WAN requires functionality in pf to handle the gateways and policy routing.

You can turn off NAT, but you'll still need the firewall functionality on - you could use pass all rules if you don't want to block anything.

Hayvosh · Feb 2, 2011, 7:11 PM

Yeah, how do I do that then? I want the pf to handle as little as possible but to maintain multiwan

jimp · Feb 2, 2011, 7:13 PM

You disable NAT by going to Firewall > NAT, switch to manual outbound NAT, and delete all of the rules.

As for the firewall rules, on the WAN tab you can add a pass all rule (any protocol, any source, any destination) and on the LAN side you just need rules that pass/direct the traffic into the gateway groups/load balancer pools

Nachtfalke · Feb 2, 2011, 7:15 PM

To disable NAT, you should go to:
Firewall - NAT - Outbound and then "Manual Outbound NAT rule generation (AON - Advanced Outbound NAT)" with no rules. This disables NAT.

I am not sure, if Multi-WAN works without firewall rules, because in the firewall rules you enter which gateway should be used. But you can create rules on every interface "Pass * * * * GW:Multi-WAN"

Then you have to enter static routes on your routers or enable a routing protocol like RIP or OSPF.

–- edit ---
I am typing to slow ;)