Netgate Discussion Forum

    Firewall: NAT: Outbound

      chain

      I have enabled Manual Outbound NAT rule generation and it automatically generated NAT outbound rules. It appears that I have more than one rule. I have created a guest wifi network. Do I need these additional rules?

      ![12-11-2012 9-16-56 PM.png](/public/imported_attachments/1/12-11-2012 9-16-56 PM.png)

        jimp Rebel Alliance Developer Netgate

        That means you probably have a gateway defined/selected in the gateway drop-down on the guestwifi interface. That is not needed for internal interfaces, and will make pfSense treat that interface as a WAN rather than a client interface (so it won't do NAT for it out WAN).

          chain

          I have removed the default gateway under the guest wifi network, then deleted all the rules under the NAT and set it back to Automatic outbound NAT rule generation and then set it back to Manual Outbound NAT rule generation. Do I still need those rules that use the loopback interface and set of ports 1024-65535? I did remove the IPsec rules as I am not running IPsec.

            jimp Rebel Alliance Developer Netgate

            It's best to leave the loopback rules, they're for traffic from the firewall itself.
