Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    How to "NOT NAT traffic" sourcing from my internal network to a certain subnet

    Scheduled Pinned Locked Moved NAT
    3 Posts 2 Posters 2.1k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • Y
      yongbum75
      last edited by

      Hi, my company decided to switch ISPs and decided to buy from cBeyond a packaged internet solution which includes their own site-to-site VPN solution they call "On-Net VPN".  I had tried to convince my management to use pfSense's built-in VPN capability but the decision was made to go with cBeyond's packaged solution.

      Anyway, I still want to keep our pfSesne firewalls for other purposes such as content filtering.

      That said, this is what cBeyond told me to do (via email) in order to keep our firewalls.

      "you will need to create a rule in the LAN router to NOT NAT traffic sourcing from your internal network destinated to 192.255.100.0/24. This rule specifically states that the internal source address will not be replaced with the WAN IP address."

      My question is what do I actually have to do to "NOT NAT traffic"?

      1 Reply Last reply Reply Quote 0
      • N
        Nachtfalke
        last edited by

        Just go to:
        FIREWALL - NAT - OUTBOUND

        There you will use "Manual Outbound NAT rule generation" and click save
        then delete all outbound rules out of nthe list if there existe some. Save.

        That's all. Now pfsense is routing only with firewall capabilities.

        If you would like to disable NAT AND firewall just got to:
        SYSTEM - ADVANCED - NETWORK/NAT:
        Disable Firewall

        Hope this will help you.

        PS: If you disable NAT your provider or the router ahead of pfsense needs static routes to your LANs behind pfsense.

        1 Reply Last reply Reply Quote 0
        • Y
          yongbum75
          last edited by

          Thank you for your quick reply!!!!

          1 Reply Last reply Reply Quote 0
          • First post
            Last post
          Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.