• Hi!

    Good day!

    Can you guys please help me with how to achieve this kind of redirection, or at least guide me on where to start my troubleshooting?

    I have the following setup:
    PFS latest version (2.1-Release)

    WAN IP /24
    LAN IP
    GW IP
    IP That will hit WAN:

    Condition on WAN Interface: If source IP is then redirect to default GW (
    else allow inbound to WAN.

    I want to accomplish something like iptables rules.

    -A PREROUTING -s -j DNAT --to-destination
    -A POSTROUTING -s -j SNAT --to-source

    I have tried putting a WAN rule with:

    Protocol: Any | Src: | Port: Any | Dst: Any | Port: Any | GW: Default
    Protocol: Any | Src: | Port: Any | Dst: Any | Port: Any | GW:

    Outbound NAT
    Interface: WAN | Source: | SPort: Any | Dst: Any | DstPort: Any | NAT Add: WAN Address | NAT Port: Any | Static Port: No

    Still no luck.

    Thanks in advance!


  • I don't understand what you're trying to do. Is on the LAN side or a remote address from beyond the gateway on WAN side? What do you mean by redirect?

    If it's coming from the WAN side then I don't see how you can DNAT to the GW address since it has already passed the GW by the time it reaches pfSense.

    The rules on the WAN are only useful if the destination packet is for a host on one of pfSense's other interfaces and pfSense is performing non-NAT routing from WAN to LAN.

    The Manual Outbound NAT rules on WAN are also applicable for traffic originating from another interface and leaving through WAN.

    I believe you should be creating the DNAT rules on the GW host, not on pfSense.
