Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    New to pfSense - Network Address Translation - Question

    Scheduled Pinned Locked Moved Problems Installing or Upgrading pfSense Software
    5 Posts 4 Posters 3.2k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • S
      snantel
      last edited by

      I'm new with psSense, I want to get rid of our crapy firewall…

      I installed a psSense server with 4 nics card.

      LAN: 10.0.0.0/8
      WAN: 207.8.8.1/24 (Where 207.8.8.1 is the router, 207.8.8.2 the firewall)
      Wireless: 192.168.20.x/24
      DMZ: 192.168.10.x/24

      Everything works like a charm and I'm almost ready to get rid of the other one an buy commercial support but, I'm not able to make it work the NAT for my webserver, webmail, incoming mails etc...

      I can't find an example configuration anywhere I can follow to give me an idea how psSense need to be configured.

      Let say my webserver is
      webserver.myserver.com
      ext: 207.8.8.4
      int: 10.0.0.4

      What is the steps to create a NAT from 207.8.8.4 to 10.0.0.4 for http and https traffic?

      Thanks in advance for your help !

      1 Reply Last reply Reply Quote 0
      • Cry HavokC
        Cry Havok
        last edited by

        That'll be port forwarding you want (Firewall -> NAT -> Port Forward).

        Create a rule on the WAN interface, forward port 80 to 10.0.0.4 port 80.  Add a description if you want, but leave everything else at the defaults.  Repeat for 443.

        It's that easy ;)

        1 Reply Last reply Reply Quote 0
        • dotdashD
          dotdash
          last edited by

          You would also want to go to Firewall, Virtual IPs. Press the + add button. You should be able to leave it at Proxy ARP, WAN, single address. Fill in the Address: with 207.8.8.4 and save.
          Then when adding the port-forward, you can select 207.8.8.4 as the external address from a drop-down.

          1 Reply Last reply Reply Quote 0
          • S
            snantel
            last edited by

            Looks like very simple. Really don't know why it didn't work when I tried it.

            Will give an other try this week.

            Maybe the provider router doesn't like the mac address changes…

            1 Reply Last reply Reply Quote 0
            • C
              cmb
              last edited by

              ARP cache induced problems are very common when switching firewalls, power cycle the router upstream of your firewall if you have access to it, and also any DSL or cable modems, if applicable. You may be forced to call your ISP, or wait a few hours for the ARP cache to clear.

              1 Reply Last reply Reply Quote 0
              • First post
                Last post
              Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.