Pfsense's version of hairpin NAT ?
-
So I've successfully set up 1:1 NAT for 1 of my LAN IP using Proxy ARP / If Alias ( both accessible from outside WAN )
Let's say I have 2 vlan routed by L3 Switch.
vlan 10 : 192.168.10.x
vlan 110 : 192.168.110.x192.168.10.10. is 1:1 NAT with 22.33.44.55
192.168.110.110 is NAT'ed to 22.33.44.66This scenario works ok without a fuss :
11.22.33.44 –> 22.33.44.55 --> 1:1 NAT on Pfsense bastion --> PFsense trafficshaping box --> Layer 3 Switch --> 192.168.10.10
Now I want an IP on vlan 110, accessing 192.168.10.10 by it's public address ( 22.33.44.55 )
The scenario doesn't work....192.168.110.110 --> Layer 3 Switch -> PFsense trafficshaping box IP --> Pfsense bastion --> the packet goes to our ISP gateway !!
If I'm not mistaken, this is called hairpin NAT..
Can this be done with pfsense ? -
Try advanced, nat, enable reflection for 1:1 nat.
