[Solved] NAT within pfSense?



  • This may sound like a weird question, but I'm at wit's end on how to actually do this.

    Essentially what I need to do is redirect a request originating from pfSense (specifically an ident request), back to pfSense.

    So src: 127.0.0.1 (or 192.168.123.1), srcport: any, dst: 192.168.123.0/24, dstport: 113, redirectip: 127.0.0.1, redirectport: 113

    Any clues on how I might achieve this would be super!

    Edit: specifically, I'd like to do this within pfSense's native functions. I know how I'd do it in command line, but there's got to be a way to do this with some combination of NAT rules I haven't thought of.



  • Alright, I figured it out after some experimentation. Here's what it took to get this working (in case anyone has a multi-network scenario like I do that Dansguardian doesn't want to play nice with).

    1. Add a loopback gateway for the interface:

    2. Add an inbound NAT rule

    3. Add an outbound NAT rule

    4. Add a floating outgoing firewall rule on the interface with your loopback gateway

    It's a roundabout way to do things, but it works!

    I'm not sure that the outbound NAT is necessary, but have left it in just in case. I'll do some experimentation on it tonight.

