NAPT for IPv6
-
Hi, I've been trying to find a solution that provides one to many NAT for IPv6. I've read through the forums a lot trying to find a solution.
http://forum.pfsense.org/index.php/topic,50546.msg269256.html#msg269256
This topic was a good bit of information. But that only provided 1:1 NAT, not 1:n NAT. So I was wondering if there's some feature that I've missed that will give me NAPT (Network Address and Port Translation) for IPv6 under pfSense 2.1? I appreciate the help guys.
-
Why would you want to do such a thing? NAT is bad. Some argue NAPT shouldn't even be considered, though for multi-homing small to mid sized networks it's currently your only option.
There is no such capability at this time.
-
Hi, I've been trying to find a solution that provides one to many NAT for IPv6.
Why? What are you trying to accomplish here that you're looking for NAT in v6?
-
Without any motivation the request is denied, move on. Routing works just fine.
-
Sorry for the late reply. I did not receive a message about updates to this post. My motivation behind a 1:N NAT for IPv6 is for security purposes. I'm working on a project and one of the requirements is to be able to obscure the network from the outside world. So 1:1 NAT (NPT) isn't an option as hosts are still identifiable. Thanks.
-
Even though you have public IPv6 on your LAN interface and the machines behind it, the firewall is still in between those hosts and the internet, no?
-
Security by obscurity is no security at all. Drop the dated concept of "security" from NAT, and you'll be better off.
-
Regardless of NAT or no NAT, you can still firewall it so that only connections to the ports you allow through to each system will pass through the router.