    Multi IP interface NAT

    Scheduled Pinned Locked Moved NAT
    5 Posts 3 Posters 1.8k Views
      itanis

      Hi,

      I have an interface with multiple IP addresses and NAT enabled. I am trying to figure out how to get certain traffic to use a specific translated address. For example, I have IP1 and IP2 on the interface. I want traffic whose destination is NETWORK1 to use IP1 as the translated address and traffic whose destination is NETWORK2 to use IP2 as the translated address. Right now the translation is a little messed up, as traffic going to NETWORK1 sometimes gets translated as IP2.

      I hope I'm making sense here, any directions will be helpful. Thanks in advance!

        mibovrd

        Not really making sense. VLANs? Routing? What are the IPs and masks that you are using? WAN or LAN?

        Tweet: MIBovrd@cqrite http://www.cqrite.com

          cmb

          Outbound NAT controls what gets translated where. Exactly what your symptoms are isn't clear, but set your outbound NAT accordingly and you'll be set. Details are documented in http://pfsense.org/book

            itanis

            The interface I'm trying to NAT is OpenVPN. The interface itself has 2 IP addresses, as I connect to 2 different sites. When there is only 1 IP, everything works well. I created an Outbound NAT with Interface as OpenVPN and NAT address as "Interface".

            IP1 - 192.168.50.1/30
            Site1 IP mask - 10.0.0.0/16
            IP2 - 192.168.51.1/30
            Site2 IP mask - 172.16.0.0/24

            When there are 2 IP addresses assigned to the interface, the NAT will translate outbound traffic to either 1 of the IPs regardless of the route.
            So I am trying to set up the Outbound NAT so that if it goes through IP1, it will be translated to IP1, not IP2. Thus the logical setup target of the outbound NAT should be under "NAT Address". I tried using the subnet option and the Any option, but nothing works.

            For the "other subnet" option under NAT Mapping, I entered 192.168.50.1/30 or /32 for any traffic that goes to Site1.
            However, when I use this option, the traffic that goes over to Site1 is translated to address 192.168.50.0 and is thus unable to get any return traffic.
            When I use the "Interface" option under NAT Mapping, periodically traffic that goes over to Site1 is translated to either 192.168.50.1 or 192.168.51.1. If the address is translated to 192.168.50.1, then everything is well.

            Thanks cmb, I will try to look into the book for proper usage of NAT; perhaps I can find something.

              itanis

              I somehow got it to work using NAT 1:1 to map a specific internal address to the outbound address on the interface I want, based on destination network. It seems more like a workaround and not really elegant.
