Navigation

    Netgate Discussion Forum
    • Register
    • Login
    • Search
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search

    Pfsense's version of hairpin NAT ?

    NAT
    2
    2
    2130
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • N
      nicknack last edited by

      So I've successfully set up 1:1 NAT for 1 of my LAN IP using Proxy ARP / If Alias ( both accessible from outside WAN )

      Let's say I have 2 vlan routed by L3 Switch.
      vlan 10 : 192.168.10.x
      vlan 110 : 192.168.110.x

      192.168.10.10. is 1:1 NAT with 22.33.44.55
      192.168.110.110 is NAT'ed to 22.33.44.66

      This scenario works ok without a fuss :

      11.22.33.44 –> 22.33.44.55 --> 1:1 NAT on Pfsense bastion --> PFsense trafficshaping box --> Layer 3 Switch -->  192.168.10.10

      Now I want an IP on vlan 110, accessing 192.168.10.10 by it's public address ( 22.33.44.55 )
      The scenario doesn't work....

      192.168.110.110 --> Layer 3 Switch -> PFsense trafficshaping box IP --> Pfsense bastion --> the packet goes to our ISP gateway !!

      If I'm not mistaken, this is called hairpin NAT..
      Can this be done with pfsense ?

      1 Reply Last reply Reply Quote 0
      • dotdash
        dotdash last edited by

        Try advanced, nat, enable reflection for 1:1 nat.

        1 Reply Last reply Reply Quote 0
        • First post
          Last post