PFsense in the Colo environment

jcpolo

Hey there guys,

I have a doozy for ya… well maybe not

I have a pfsense firewall in a datacenter and recently I have had to do a lot of reconfiguring of how the datacenter gives me the ip addresses that I use.

I am trying to get Direct Admin working and due to the way they do their license verification the ip that is on the server is the ip that has to hit their authentication system. Currently no matter how I setup my firewall the ip that hits their authentication server is the WAN ip of my pfsense and not the actual ip address on the server itself (in the lan subnet). This leads me to be believe that NAT is on in PFsense.... However all of the inbound connections to the servers on the inside of the network are working just fine... so that means nat is off right? I don't have any NAT rules setup in the rules list so pfsense cant be handling inbound nat redirection....

In any case you can see my confusion... maybe its just the way that Direct Admins verification works? However I have had lots of issues with spam and the providers saying that the mail server ip on my network is not the same as the sending ip address of the mail... again stating that the WAN ip is the sending mail server and not the actual ip on the server (in the lan subnet)

Any assistance would be GREATLY appreciated.

dotdash

Firewall, NAT, Outbound. (Inbound and outbound have separate rules)
By default, NAT is on. If you have public IPs on your LAN, you'll want to change to manual and check the No NAT checkbox on the rule.
There is a good howto around on setting up a transparent firewall, if that's what you're doing.