Pfsense Virtual IP NATing
-
Hi.
Am setting up Pfsense 2.0 but am stuck when it comes to port forwarding/Natting. I've done it before but not using Virtual IPs.
Say I have WAN on 11.11.11.1 and LAN on 192.168.5.5, I have added a virtual IP 192.168.4.5 on the LAN NIC of type "Proxy ARP"
Now, I have a web server in this LAN that is 192.168.4.6. I want it accessible from the WAN.
What kind of configuration should I do?
I've put a NAT with destination WAN being redirected to 192.168.4.6. However, it fails.
What configuration am I missing?
-
The most likely place is the LAN default rule. The default rule states that LAN subnet is allowed out. 192.168.4.6 (and .5) is not on the LAN subnet, so it is blocked. If you have adjusted the LAN rules to allow your second subnet, then I would look at changing from ProxyARP to either CARP or IP Alias. I have never used proxyarp as a gateway, so I don't really know. Also, is the default gateway on 192.168.4.6 (web server) the pfsense proxyarp? if not, then you are creating a routing problem.