New to pfSense - Network Address Translation - Question



  • I'm new with psSense, I want to get rid of our crapy firewall…

    I installed a psSense server with 4 nics card.

    LAN: 10.0.0.0/8
    WAN: 207.8.8.1/24 (Where 207.8.8.1 is the router, 207.8.8.2 the firewall)
    Wireless: 192.168.20.x/24
    DMZ: 192.168.10.x/24

    Everything works like a charm and I'm almost ready to get rid of the other one an buy commercial support but, I'm not able to make it work the NAT for my webserver, webmail, incoming mails etc...

    I can't find an example configuration anywhere I can follow to give me an idea how psSense need to be configured.

    Let say my webserver is
    webserver.myserver.com
    ext: 207.8.8.4
    int: 10.0.0.4

    What is the steps to create a NAT from 207.8.8.4 to 10.0.0.4 for http and https traffic?

    Thanks in advance for your help !



  • That'll be port forwarding you want (Firewall -> NAT -> Port Forward).

    Create a rule on the WAN interface, forward port 80 to 10.0.0.4 port 80.  Add a description if you want, but leave everything else at the defaults.  Repeat for 443.

    It's that easy ;)



  • You would also want to go to Firewall, Virtual IPs. Press the + add button. You should be able to leave it at Proxy ARP, WAN, single address. Fill in the Address: with 207.8.8.4 and save.
    Then when adding the port-forward, you can select 207.8.8.4 as the external address from a drop-down.



  • Looks like very simple. Really don't know why it didn't work when I tried it.

    Will give an other try this week.

    Maybe the provider router doesn't like the mac address changes…



  • ARP cache induced problems are very common when switching firewalls, power cycle the router upstream of your firewall if you have access to it, and also any DSL or cable modems, if applicable. You may be forced to call your ISP, or wait a few hours for the ARP cache to clear.


Log in to reply