NAT 1:1 newbie question

  • Hello, I am new to PfSense, and I have one problem. I got a class of public ips from my isp and I made them work … but in a random way.
    My LAN ip's are Class C and my router(pfsense) has The problem is that my lan computers start from address, but pfsense starts giving public ip's from So for the ip he gives the public ip, and I don't want to give that public ip to that lan ip, I want to give it to the ip for example.
    My public ips are on /25 and my lan ips are on . When I tried adding 1:1 NAT rules ... I had no results ... it still gave ip's as he wanted ... = ; = etc.
    I know my english is bad and my message is not that clear ... and sorry for that ... but please help.

  • Not sure if I understand, but it sounds like maybe you have gone to firewall, NAT, 1-1 NAT and created a nat mapping using external subnet mapped to This will match to To do what you want,I think you should delete this NAT mapping, then add individual ones as needed, such as external subnet internal subnet Mapping one IP at a time (/32) will give you more control over which computers get which public IPs.

  • Thx alot mate, that worked , change from /25 to /32 … but if I'm not asking too much could someone explain how this "/25" work ?

  • The /25 notation is just shorthand for the block of IPs you got from the ISP. /24 is a Class C network with 254 hosts, /25 is half a C with 126 hosts, etc. A /32 just signifies a single host. If you use a mask other than /32 in the 1:1 NAT screen, you map multiple internal IPs to multiple publics.

  • Thank you very much dotdash ! And by the way … PfSense is very nice. Switched from IpCop for it.

Log in to reply