How can I do 1:1 NAT with just 1 Static IP

  • Hi,

    I'm new here and I tried searching about my question but I couldn't find whether it has been posted before. If this has already been posted, I'm truly sorry for asking a duplicate question. My problem is simple. I just have 1 static IP from my ISP. I wanted to do 1:1 NAT of that address to the internal mail server. How can I do it in pfSense? Thanks in advance for your answers.


  • Why want you do that?
    There is no advantage of 1:1 NAT with only one IP.
    If you do this you can't neither access any local services on pfSense nor access web configurator from internet. So I would prefer port forwarding.

    However, it will be doable if you really want that. Just go to Firewall > NAT > 1:1 and add a new rule. Enter your public IP at External subnet IP and enter your internal servers IP as single host below.

  • Thanks for your answer. So it will be better to forward the ports required by my mail server.

  • Do you have as well a DHCP available to you from your ISP?

    If so you could create a VIP for the static and then 1:1 it to your desired server. Otherwise as said- just port forward your mail ports.  :)

Log in to reply