New to pfSense - Network Address Translation - Question

  • I'm new with psSense, I want to get rid of our crapy firewall…

    I installed a psSense server with 4 nics card.

    WAN: (Where is the router, the firewall)
    Wireless: 192.168.20.x/24
    DMZ: 192.168.10.x/24

    Everything works like a charm and I'm almost ready to get rid of the other one an buy commercial support but, I'm not able to make it work the NAT for my webserver, webmail, incoming mails etc...

    I can't find an example configuration anywhere I can follow to give me an idea how psSense need to be configured.

    Let say my webserver is

    What is the steps to create a NAT from to for http and https traffic?

    Thanks in advance for your help !

  • That'll be port forwarding you want (Firewall -> NAT -> Port Forward).

    Create a rule on the WAN interface, forward port 80 to port 80.  Add a description if you want, but leave everything else at the defaults.  Repeat for 443.

    It's that easy ;)

  • You would also want to go to Firewall, Virtual IPs. Press the + add button. You should be able to leave it at Proxy ARP, WAN, single address. Fill in the Address: with and save.
    Then when adding the port-forward, you can select as the external address from a drop-down.

  • Looks like very simple. Really don't know why it didn't work when I tried it.

    Will give an other try this week.

    Maybe the provider router doesn't like the mac address changes…

  • ARP cache induced problems are very common when switching firewalls, power cycle the router upstream of your firewall if you have access to it, and also any DSL or cable modems, if applicable. You may be forced to call your ISP, or wait a few hours for the ARP cache to clear.

Log in to reply