Port forward to external IP?

  • Is there any way of taking all traffic coming in on say WAN port 80 and sending to a designated port on another external host? (ie a host on the wan) - I see one question here from 2007 with no answer that matches this.

    (running 2.1 release embedded)

  • Rebel Alliance Developer Netgate

    Not unless you also do manual outbound NAT to mask the source of the traffic so it appears to come from your firewall.

    The problem with doing that is that the remote client will hit pfSense, pfSense will forward to the server, but the server will not send the reply back through pfSense, so the connection will fail.

    If you use NAT to make it look like the connection between pfSense and the server came from pfSense, it would work, but the server wouldn't know where the traffic really originated.