Do I need NAT?



  • Hello,

    I currently have a bonded ADSL service going to a FreeBSD/PF box that is connected to a 3Com vLan switch.

    I'm changing the ADSL provider and also going over to pfSense - the new broadband provider has asked me if I need NAT and, if so, do I have any special requirements.  My 'guess' is that I want it turned on and left as standard - am I right?

    I have said that VPN will be used (and I'll possible have to set this up in pfSense).



  • why to use isp to do the same job that pfsense will do. If you're meaning nat is the main question.

    in some occassions you can say to isp that you have very capable firewall so you don't need anything except line and ip's(ofcourse some speed) but anything else is done by yourselve.

    But there is also some cases when it's not feasible to say that to isp. and just ask what isp do for you.



  • I agree with Metu69salemi.

    You do not "need" NAT from them. pfSense will handle NAT in your environment.

    In fact, having NAT on pfSense behind NAT provided by your ISP can cause problems, so you likely don't even "want" NAT from them.

    If you are going to run a service like VPN from pfSense, I would say you would want to be in control of all NAT behavior in your environment by using NAT only on your pfSense box.

    My $.02



  • So, not NAT on the incoming service is what I'll do.

    Many thanks



  • Getting a bit concerned here!!

    I've unpacked the goods - 3 x adsl routers/modems and 3 x sharedband units.  No bonder (I've got to use a normal switch apparently).  Do I still want the NAT & DHCP turned off in these modems/routers?



  • If the router/modem can be configured in Bridge mode then that is your simplest option. It avoids double-NAT, which can cause problems.



  • Thanks Havoc


Log in to reply