    Netgate Discussion Forum
    NAT
      bkana last edited by

      If I'm posting this in the wrong section, please let me know.

      I'm getting ready to pull the plug on my Cisco ASA5505 and replace it with pfSense. My ASA is solid but I feel its performance is degrading. I have some general questions concerning pfSense and have provided screenshots of my setup. Could someone give these a look over and tell me if anything is out of place or set up incorrectly? I have a simple network with LAN being 192.168.0.0. I have 12 public IPs given to me by my ISP and an upstream Cisco 2900 router in-house. The gateway on the router is 2XX.XX.XX.1 and I have set up 2XX.XX.XX.2 as the WAN interface on the pfSense with 2XX.XX.XX.1 as the gateway (see screenshots).

      I understand that creating Virtual IPs in pfSense binds your public IP addresses to your WAN interface so they can be used to present themselves, in the example of outbound SMTP, where some need to have their outgoing email coming from a certain public IP address. I have done just that for my SMTP server, but I have only set up one (of my 12) as a Virtual IP.

      1. Should I create VIPs for all my public IPs? Or just the ones that need to be presented to the outside world?

      2. Also, is it a requirement to use AON (Manual Outbound NAT) to present my outgoing SMTP server on a public IP other than the WAN IP of pfSense? From what I have read, this is the way to go.

      3. On the General Setup screen I added my internal DNS servers, as these have forwarders to my ISP's DNS servers. Obviously, all the LAN clients use these as DNS. Is this correct?

      4. Since I'm already doing port forwarding for SMTP, do I need to specify port 25 anywhere on the Manual Outbound rule I set up for outgoing SMTP?











