Route/NAT a specific subnet



  • Hi all,

    I am having a problem with routing traffic that is not part of the pfSense LAN network. I have attached a diagram of the lab network.
    My goal for this lab is to forward traffic of the TMG internal LAN to the pfSense router, which will send it to the internet. However, the router keeps dropping the traffic. If I set the TMG server to NAT traffic coming from its internal network, this will work, but that's not what I want to accomplish.
    Please, anyone, assist me with this.

    Thanks


  • Netgate

    System->Routing

    make a gateway for 192.168.1.2
    create a route for 10.0.1.0/24 with that gateway as the gateway and LAN as the interface

    You'll need to be sure the firewall rules on LAN will pass traffic sourced from "LAN net" (192.168.1.0/24) and 10.0.1.0/24, probably destination any any if you don't have specific requirements.

    Then you'll need to switch to manual outbound NAT in Firewall->NAT.  When you do that you will see two rules with source addresses from 192.168.1.0/24.  Duplicate them for 10.0.1.0/24.

    You'll have to do whatever on the TMG to make it pass traffic.  You also want all NAT turned off on the TMG.  You want traffic from behind the TMG to hit pfSense LAN with a source address in 10.0.1.0/24.

    And you're done.
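
The checklist in the reply above, as an added example that is not part of the original thread and is not pfSense's own logic: a simplified Python model of the three conditions (static route via a LAN gateway, LAN pass rule, outbound NAT rule) that a source address must satisfy, using the subnets from the thread. The function name `check_path`, the dictionary keys and the host 10.0.1.50 are assumptions made for illustration.

```python
import ipaddress

def _covered(ip, networks):
    """True if ip falls inside any of the given CIDR strings."""
    return any(ip in ipaddress.ip_network(n) for n in networks)

def check_path(src, cfg):
    """Return the checklist steps that fail for a packet arriving on LAN from src."""
    ip = ipaddress.ip_address(src)
    lan = ipaddress.ip_network(cfg["lan_net"])
    problems = []
    # Step 1: a source that is not directly on LAN needs a static route
    # whose gateway is itself reachable on LAN, or replies cannot return.
    if ip not in lan:
        gws = [gw for net, gw in cfg["static_routes"]
               if ip in ipaddress.ip_network(net)]
        if not gws:
            problems.append("no static route back to source")
        elif ipaddress.ip_address(gws[0]) not in lan:
            problems.append("route gateway is not on LAN")
    # Step 2: the LAN firewall rules must pass this source.
    if not _covered(ip, cfg["lan_pass_sources"]):
        problems.append("LAN rules do not pass this source")
    # Step 3: manual outbound NAT must have a rule for this source.
    if not _covered(ip, cfg["outbound_nat_sources"]):
        problems.append("no outbound NAT rule for this source")
    return problems

# Constructed configuration: only "LAN net" is known to the router.
BEFORE = {
    "lan_net": "192.168.1.0/24",
    "static_routes": [],
    "lan_pass_sources": ["192.168.1.0/24"],
    "outbound_nat_sources": ["192.168.1.0/24"],
}
# Constructed configuration after the steps in the reply are applied.
AFTER = {
    "lan_net": "192.168.1.0/24",
    "static_routes": [("10.0.1.0/24", "192.168.1.2")],
    "lan_pass_sources": ["192.168.1.0/24", "10.0.1.0/24"],
    "outbound_nat_sources": ["192.168.1.0/24", "10.0.1.0/24"],
}

if __name__ == "__main__":
    # 10.0.1.50 is a constructed host behind the TMG (NAT off on the TMG);
    # 192.168.1.2 is what the router sees when the TMG NATs instead.
    for label, src, cfg in [("TMG NAT off, before", "10.0.1.50", BEFORE),
                            ("TMG NAT on, before", "192.168.1.2", BEFORE),
                            ("TMG NAT off, after", "10.0.1.50", AFTER)]:
        print(label, "->", check_path(src, cfg) or "passes")
```

The second case reproduces the observation in the first post: with NAT on the TMG the source is inside "LAN net", so the unmodified configuration already covers it.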



  • Thanks much it's working great!!!!