Need Help with NAT



  • Here is the scenario. I am trying to NAT all of our employee VPN traffic outbound to a single address. This seems to work out great for networks which are attached to pfSense, but I can't get it to work for a network coming through pfSense.

    For example, I have no issue with an outbound NAT rule translating 10.80.0.0/16 to my LAN interface.
    LAN   10.80.0.0/16 * 10.230.0.0/16 * * * NO

    I would like to do the same idea with another network, but this network is not an interface of pfSense. pfSense has a static route to get back to this network.
    LAN   192.168.170.0/24 * 10.230.0.0/16 * * * NO

    For some reason I can't get the 192.168.170.0/24 to translate like the 10.80.0.0/16.



  • That rule should make it look like traffic from that network is coming from the LAN IP address. Have you run a network trace to make sure that this is not happening? There might be a routing issue that is preventing return traffic.


  • LAYER 8 Global Moderator

    Interface Source Source Port Destination Destination Port NAT Address NAT Port Static Port Description

    Where is your NAT address in those rules?

    If you see above, I posted the headings from the NAT rules. I don't do any NATing on my LAN side, only from LAN to WAN. But don't you still need a NAT address to use? In my drop-down you can pick the interface address or set up a different IP; yours is just showing *?

