Firewall: NAT: Outbound

  • I have enabled Manual Outbound NAT rule generation and it automatically generated NAT outbound rules. It appears that I have more than one rule. I have created a guest wifi network. Do I need these additional rules?

    ![12-11-2012 9-16-56 PM.png](/public/imported_attachments/1/12-11-2012 9-16-56 PM.png)

  • Rebel Alliance Developer Netgate

    That means you probably have a gateway defined/selected in the gateway drop-down on the guestwifi interface. That is not needed for internal interfaces, and will make pfSense treat that interface as a WAN rather than a client interface (so it won't do NAT for it out WAN).

  • I have removed the default gateway under the guest wifi network, then deleted all the rules under the NAT and set it back to Automatic outbound NAT rule generation, and then set it back to Manual Outbound NAT rule generation. Do I still need those rules that use the loopback interface and the set of ports 1024-65535? I did remove the IPsec rules as I am not running IPsec.

  • Rebel Alliance Developer Netgate

    It's best to leave the loopback rules, they're for traffic from the firewall itself.
