NAT Broadcast Address
-
I'm a PFSense noob, so this may be an easy one.
Need to NAT all my traffic with my broadcast address. That is the way it is currently setup on our IPTABLES firewall (using postrouting and snat) and in order to move to PFSense I have to do the same (many clients are ip filtering based on that address).
I've got two pfsense boxes setup with VIP Carp address for failover. If I put in a NAT Outbound Rule to either the actual interface or the VIP Carp interface it works, but when I create a VIP interface (carp/parp/other) as the broadcast address I just get timeouts when I go out to the internet.
I've read I need a port forward but since this is for all traffic I'm not sure how to set it up.
-
Are you having 255.255.255.255 as your gateway? :o
-
lol, nope, sorry should have been more specific. The Broadcast IP for the the subnet range :).
-
What are you trying to do? If you're just trying to NAT all the LAN traffic going out then you don't have to do anything fancy - don't assume that because you had to do it one way with Linux that you have to do it the same on pfSense.
-
Yep that is exactly what I'm trying to do. But when I do, I lose internet. I created a VIP (tried both Carp and Parp), set NAT to Manual, then changed the rule it added to NAT to VIP I created.
Not sure why I lose internet.
-
Can you tell what you want to do with pfsense?
If only firewall normal internet trafic, then you don't have to handle outbound nat etc
