Netgate Discussion Forum

    Server internally doesn't see the real IP, only the IP of the gateway pfSense

      mvrasmussen

      Hello

      I'm trying to use a pfSense as a substitute for our hosting center's Cisco gateway on my testbed, for testing our new firewall.

      The setup is as follows:
      [Internet]->[Hosting-Cisco-gateway (85.10.100.1)]->[Our firewall (85.10.100.2)]->[Network (85.10.100.0/24)]

      We do not have access to, or very much knowledge of, this Cisco gateway, other than that it's used as the gateway for all our machines, which all have IP addresses defined in the mentioned 85 range.

      The pfSense is set up as a substitute for the Cisco gateway, with a couple of clients on the WAN side of the pfSense with random IPs.

      I have disabled NAT and made an allow any, any rule in the firewall part (else nothing works), and my clients can ping the machines on the inside network.

      But the problem is that when a client is accessing, e.g., a webserver on port 80 on one of the 85 machines, if you look in the access_log, the request is coming from the pfSense LAN IP (85.10.100.1), and not the actual IP.

      What am I missing?

      (The 85 network definition is made up, but it resembles the actual IPs.)

        Metu69salemi

        How should the firewall/router send traffic to the right place? You have the same subnets on both sides of pfSense.
        Do you want to use a filtering bridge setup?

          mvrasmussen

          I will try to explain it in more detail. I know I have an overlap in networks, but the old firewall works with it.

          [Internet]->[Wan: ?? -Hosting Center Router- Lan: 85.10.100.1] -> [Wan: 85.10.100.2/30 -Our firewall- DMZ:85.10.100.253/24] -> [Network of machines with 85.10.100.x addresses]

          And it's the Hosting Center Router I'm trying to substitute with my pfSense.

          The new firewall seems to be configured correctly, but I can't test for sure because of this little pfSense issue: when my client on the "internet" side of the router connects to a machine on the 85 network, the server machine sees the request as coming from the router's LAN IP, and not the actual IP address.

            Metu69salemi

            I can't help you with this. Maybe someone more experienced has more insight into it.

              mvrasmussen

              Could it maybe be a NAT issue? Masquerading?

                Guest

                Just to understand correctly, your company bought a full block of IP addresses?

                Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.