Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    NAT 1:1 newbie question

    NAT
    2
    5
    2.6k
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • J
      Jr2006
      last edited by

      Hello, I am new to PfSense, and I have one problem. I got a class of public ips from my isp and I made them work … but in a random way.
      My LAN ip's are Class C 192.168.xxx.xxx and my router(pfsense) has 192.168.1.1. The problem is that my lan computers start from address 192.168.1.33, but pfsense starts giving public ip's from 192.168.1.2. So for the ip 192.168.1.2 he gives the public ip 8x.xxx.xxx.130, and I don't want to give that public ip to that lan ip, I want to give it to the ip 192.168.1.33 for example.
      My public ips are on /25 and my lan ips are on 192.168.1.33/255.255.255.0 . When I tried adding 1:1 NAT rules ... I had no results ... it still gave ip's as he wanted ... 192.168.1.2 = 8x.xxx.xxx.130 ; 192.168.1.3 = 8x.xxx.xxx.131 etc.
      I know my english is bad and my message is not that clear ... and sorry for that ... but please help.

      1 Reply Last reply Reply Quote 0
      • dotdashD
        dotdash
        last edited by

        Not sure if I understand, but it sounds like maybe you have gone to firewall, NAT, 1-1 NAT and created a nat mapping using external subnet 8x.xxx.xxx.129/25 mapped to 192.168.1.1. This will match 8x.xxx.xxx.129-254 to 192.168.1.1-126. To do what you want,I think you should delete this NAT mapping, then add individual ones as needed, such as external subnet 8x.xxx.xxx.130/32 internal subnet 192.168.1.33. Mapping one IP at a time (/32) will give you more control over which computers get which public IPs.

        1 Reply Last reply Reply Quote 0
        • J
          Jr2006
          last edited by

          Thx alot mate, that worked , change from /25 to /32 … but if I'm not asking too much could someone explain how this "/25" work ?

          1 Reply Last reply Reply Quote 0
          • dotdashD
            dotdash
            last edited by

            The /25 notation is just shorthand for the block of IPs you got from the ISP. /24 is a Class C network with 254 hosts, /25 is half a C with 126 hosts, etc. A /32 just signifies a single host. If you use a mask other than /32 in the 1:1 NAT screen, you map multiple internal IPs to multiple publics.

            1 Reply Last reply Reply Quote 0
            • J
              Jr2006
              last edited by

              Thank you very much dotdash ! And by the way … PfSense is very nice. Switched from IpCop for it.

              1 Reply Last reply Reply Quote 0
              • First post
                Last post
              Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.