Masquerading from LAN to OPT1
What about if I wish to have masquerading from the LAN interface to the OPT1 interface?
I have a Soekris net4501 system with 3 network interfaces.
The first network is the LAN, the second one is the WAN and the third one is another network (OPT1) which the LAN clients needs to connect to.
I can reach the WAN from the LAN, but I can't reach any host on the OPT1 from any LAN client.
The OPT1 has 172.18.67.252/24 as IP address, and I can ping an host (for example 172.18.67.254) from the m0n0wall web interface.
From a LAN client which is using m0n0wall as default gateway I can ping the OPT1 IP address (172.18.67.252) but I can't ping the 172.18.67.254 host.
No log is shown on the firewall logs.
Could you help me to found the problem?
Thank you very much!
First, this is pfSense and not m0n0wall :P
Second, I assume the clients at OPT are using another default gateway that doesn't have a route back to your LAN subnet vie the pfSenses OPT IP. Masquerading would fix that but could cause other trouble on the other hand. Adding a route at the OPT's clients default gateway would be the "cleaner" solution imo. If you reall wan't to NAT enable advanced outbound NAT at Firewall>NAT and add a mapping for LAN to OPT with OPT IP of the pfSense there.