NAT & Gateway on different machines

Floh

Hi,
we're using 2 pfSense on different machines with 2 different IP. We're running servers (Web, Mail, etc…)which have 1 Gateway stored. Not every server are using same gateway (it depends on physical connection).
Now I have a server use pfSense01 as Gateway but and I setup NAT on pfSense02. But it's not accessible from outside (IP of psSense02).

What should I do in that case?
cu Floh

GruensFroeschli

If you want to use a different router for inbound traffic than the default gateway of the servers you need to do some kind of source NATing.

You can do this by:
Firewall –> NAT --> outbound
Enable manual rule generation.
Create a new rule with:
Interface: LAN
Source: any
Destination: server_you_want_to_access.

Floh

@GruensFroeschli:

If you want to use a different router for inbound traffic than the default gateway of the servers you need to do some kind of source NATing.

You can do this by:
Firewall –> NAT --> outbound

Do you mean as following?
Internet -> pfSense02 -> pfSense01 -> internal Server

cu Floh

GruensFroeschli

I dont follow you.
From your previous description your setup looks like this:

Internet –--------- pfSense1----\           
                                            \            |---- Server_x
                                            Switch----|----- Server_y
                                            /          |----- Server_z
Internet ----------- pfSense2-----/

If Server_x has as default gateway pfSense1 and you want to connect to Server_x per NAT via pfSense2, the you need to setup source NATing as i described before.

Floh

Jupp, you understand right. So I have to do some rules as you suggested on pfSense02 but no change on pfSense01 is needed, right?

GruensFroeschli

yes.