Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Port Forwarding & 1:1 NAT

    Scheduled Pinned Locked Moved NAT
    4 Posts 2 Posters 1.0k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • G Offline
      gordc
      last edited by

      I am fairly new to pfsense and have a question regarding port forwarding & 1:1 NAT.
      We currently have /28 subnet for our WAN connection but are getting short on public IP addresses.  In our current setup we are just using 1:1 NAT and no port forwarding.  I am looking at possibly using port forwarding to take better advantage of our subnet.

      Question:

      I would like to be able to combine two of our external addresses that don't see a lot of use and combine them to free up a public IP.
      Currently we have a 1:1 NAT for our video conferencing system and one for FTP.  Neither see a lot of usage.  Would I be able to set these up using port forwarding instead of 1:1 NAT?  How would it work for the video conferencing system that uses multiple ports?

      Thanks,

      1 Reply Last reply Reply Quote 0
      • P Offline
        podilarius
        last edited by

        It is possible so long as FTP and Video conferencing don't have any port overlap. You should have rules in place now to allow traffic to these services. You would only need to mimic them in port forward.

        1 Reply Last reply Reply Quote 0
        • G Offline
          gordc
          last edited by

          Great.

          Thanks for the reply.

          I have one more question regarding this.  In discussions here at work it was mentioned that they had tried this before I started here and had stop using since it was very CPU intensive.

          Is this still true now.  It has been at least 5 years since they previously tried it.

          Thanks Gord

          1 Reply Last reply Reply Quote 0
          • P Offline
            podilarius
            last edited by

            Unless you are pushing more than 300MB/s I don't see how it would be CPU intensive at the firewall level. I could see how Video Conferencing could open a lot of states. If you are at a colo or Datacenter, you are probably going to have to use server class system for high bandwidth and state handling. What did they try it on before. At lot has changed in 5 years.

            1 Reply Last reply Reply Quote 0
            • First post
              Last post
            Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.