Forward a port to a broadcast address
-
I was hoping someone could help me with a issue. I currently have two subsets 172.16.1.0/16 and 192.168.1.0/24 and I am using a Cisco ASA firewall and am forwarding a UDP port from the 172.16.1.0/16 network to the the address of 192.168.1.255 (broadcast, not sure why it is setup like this but it was before my time and the application that uses the port is working fine) I need to replace the ASA and would like to replace it with pfsense but for some reason I am to accomplish this type of port forward. Does anyone have a idea how I can do this to I can get this application working again? Any help would be greatly apperciated
-
but for some reason I am to accomplish this type of port forward.
Did you mean
I am not able to accomplish …
No idea if this would be helpful, but if you change the subnet 192.168.1.0/254 to 192.168.0.0/22 then 192.168.1.255 is no longer a broadcast address.
I would look at changing the host address from 192.168.1.255.
-
That's definitely a /24 and you're definitely forwarding to the broadcast address? If that's the case, I'm extremely surprised an ASA will port forward to its broadcast address. I'm guessing FreeBSD won't send such traffic, as that's the sane behavior. Don't think it's possible to forward traffic like that. I'd consider it seriously broken, something I'd never run even if it does work on the ASA as that's highly likely to break in a future release, maybe considered a bug fix to not do that at some point. I'd highly recommend, whether you stay on the ASA or go with anything else, to do away with that. You may not find any other firewall in the world that will do that.
-
What is the application? Only time I have heard of forwarding to broadcast is with a WOL type setup where you want to send a magic packet across a NAT.
