Use Virtual IP for outbound not work



  • Hi All,
    i have the following setup
    LAN 192.168.2.1
    OPT1  2.2.2.2  default GW
    WAN  3.3.3.3

    Virtual IP 3.3.3.4
    server on LAN  192.168.2.199
    Ihave the following port forwarding rule which is working.
    VIP 3.3.3.4  port 25      192.168.2.199
    VIP 3.3.3.4  port 3389  192.168.2.199

    I want the server 192.168.2.199 going out using the VIP 3.3.3.4  on the WAN interface.
    I created an Manual Outbound rule but it's not working. the server always use the default GW 2.2.2.2 when going out
    i use www.whatismyip.org the check the ip.

    interface WAN
    ssource  192.168.2.199/32
    source port *
    dest            *
    dest port    *
    NAT add      3.3.3.4
    NAT port    *
    Static port  No

    Thanks for the help!



  • Are you trying to change what IP it goes out on, or what WAN it goes out on? IP translation is outbound NAT, which WAN it goes out of is from firewall rules.



  • i am trying to change what WAN it goes out. i want it goes out on one of my Virtual IP.

    I checked the following case which is similar to what I have. I thought it’s on Outbound NAT
    http://forum.pfsense.org/index.php?topic=36246.0

    So, if which WAN it goes out of is from firwall rules, why can i specify the WAN IP i want to go out?



  • outbound NAT determines what IP something uses when it leaves a particular interface. Firewall rules determine which interface something leaves. Details in http://pfsense.org/book



  • Thanks for the information. I got the book already. I am setting up a few pfsense with embedded and hardware installation and try to migrate some sonicwall and cisco firewall. Some of the behavior on the pfsense doesn’t work the way it should. I may need to spend more time to see what’s wrong. Regarding on the pfsense book, do you know if any book base on ver 2.0 pfsense will come out soon? Thanks.


Locked