NAT & Gateway on different machines



  • Hi,
    We're using 2 pfSense on different machines with 2 different IPs. We're running servers (Web, Mail, etc.) which have 1 gateway stored. Not every server is using the same gateway (it depends on the physical connection).
    Now I have a server that uses pfSense01 as its gateway, but I set up NAT on pfSense02. But it's not accessible from outside (IP of pfSense02).

    What should I do in that case?
    cu Floh



  • If you want to use a different router for inbound traffic than the default gateway of the servers you need to do some kind of source NATing.

    You can do this by:
    Firewall -> NAT -> Outbound
    Enable manual rule generation.
    Create a new rule with:
    Interface: LAN
    Source: any
    Destination: server_you_want_to_access.



  • @GruensFroeschli:

    If you want to use a different router for inbound traffic than the default gateway of the servers you need to do some kind of source NATing.

    You can do this by:
    Firewall -> NAT -> Outbound

    Do you mean as follows?
    Internet -> pfSense02 -> pfSense01 -> internal Server

    cu Floh



  • I don't follow you.
    From your previous description your setup looks like this:

    Internet ---------- pfSense1 ----\
                                      \            |---- Server_x
                                       Switch -----|---- Server_y
                                      /            |---- Server_z
    Internet ---------- pfSense2 ----/

    If Server_x has pfSense1 as its default gateway and you want to connect to Server_x per NAT via pfSense2, then you need to set up source NATing as I described before.



  • Jupp, you understand right. So I have to do some rules as you suggested on pfSense02 but no change on pfSense01 is needed, right?



  • yes.
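
The reason the port forward on pfSense02 fails without source NAT, and works with it, can be shown with a small model of the reply path. This is an added example, not part of the thread; the addresses and the `Firewall`, `reply_path` and `simulate` names are constructed for illustration.

```python
import ipaddress

LAN = ipaddress.ip_network("192.168.1.0/24")  # constructed LAN subnet

class Firewall:
    """Minimal stateful firewall: replies pass only if it saw the request."""
    def __init__(self, name, lan_ip, snat_on_lan=False):
        self.name, self.lan_ip, self.snat_on_lan = name, lan_ip, snat_on_lan
        self.states = set()  # (source seen by server, server) pairs

    def forward_inbound(self, client, server):
        # Port forward WAN -> LAN; with outbound NAT on LAN the source is
        # rewritten to this firewall's LAN address.
        src = self.lan_ip if self.snat_on_lan else client
        self.states.add((src, server))
        return src

    def accept_reply(self, server, dst):
        return (dst, server) in self.states

def reply_path(server, default_gw, reply_dst, firewalls):
    """Return (firewall that receives the server's reply, whether it passes)."""
    if ipaddress.ip_address(reply_dst) in LAN:
        # Destination is on-link: the server answers directly, no gateway used.
        hop = next(fw for fw in firewalls if fw.lan_ip == reply_dst)
    else:
        # Off-link destination: the server uses its default gateway.
        hop = default_gw
    return hop.name, hop.accept_reply(server, reply_dst)

def simulate(snat_on_pfsense02):
    fw1 = Firewall("pfSense01", "192.168.1.1")  # server's default gateway
    fw2 = Firewall("pfSense02", "192.168.1.2", snat_on_lan=snat_on_pfsense02)
    client, server = "203.0.113.50", "192.168.1.10"  # constructed addresses
    seen_src = fw2.forward_inbound(client, server)
    hop, passed = reply_path(server, fw1, seen_src, [fw1, fw2])
    return seen_src, hop, passed

if __name__ == "__main__":
    for snat in (False, True):
        print(snat, simulate(snat))
```

With the source NAT rule in place the server sees every forwarded connection as coming from pfSense02's LAN address, so server-side logs and IP-based filtering no longer see the real client address.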

