Netgate Discussion Forum

    Gateway problem …

    Firewalling
    6 Posts 2 Posters 1.3k Views
      atrocity

      Hello,

      We have just replaced an old WatchGuard with a new pfSense firewall.
      I'm still working on getting all the rules working, but I have a problem with the gateway configuration …
      We are a hosting provider, with a /24 public IP range. Let us say 9.9.9.0/24 as an example.

      Our public gateway is (let us say) at 1.1.1.110, gateway 1.1.1.1; that's configured on our WAN as the default gateway.

      We need to be able to show that our gateway is in our range : 9.9.9.1
      but actually from the outside I always see our ISP's gateway 1.1.1.1 ... :(

      I tried adding our gateway 9.9.9.1 on the LAN, but this doesn't seem to work...

      I don't know what I have to do; all I know is that our WG firewall was configured with this gateway 1.1.1.1, in Mixed Routing Mode.
      I did NOT configure any NAT on PF; should I have?

      Can anybody help me with this?
      Thanks a lot
      Best regards

        atrocity

        22 views, no answer or comment …
        Is my question so stupid, or is it too difficult?

        Regards

          Derelict LAYER 8 Netgate

          Diagram please.  I really can't understand what you're looking for.

          "We need to be able to show that our gateway is in our range : 9.9.9.1"

          Huh?  Show to whom?

          Chattanooga, Tennessee, USA
          A comprehensive network diagram is worth 10,000 words and 15 conference calls.
          DO NOT set a source address/port in a port forward or firewall rule unless you KNOW you need it!
          Do Not Chat For Help! NO_WAN_EGRESS(TM)

            atrocity

            Hi, and thanks for your answer.

            I don't have a diagram at hand … Let me try it this way

            our ISP on WAN - ip : 1.1.1.110 - GW : 1.1.1.1

            our LAN ips : 9.9.9.0/24 (public IPs)

            That's all we have. No Opt1 etc. ...
            I don't put a GW on our LAN, and also no NAT configuration.
            The problem is that when I download a file from our network, the outside server sees our ISP's IP of the gateway and not our IP(s) ...
            We have to fix this to be able to continue the rules configuration ...
            Thanks for any help
            Regards

              Derelict LAYER 8 Netgate

              Sounds like the problem is you have NAT enabled.

              Go to Firewall->NAT->Outbound. Change to manual, Save.  Then disable all the rules pertaining to your 9.9.9.0/24 network.

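One way to audit the fix from the rule text, as an added example that is not part of the thread or of pfSense's own code: it assumes the translation rules are available as text in pf's `nat on … from … to … -> …` syntax and reports whether a routed prefix would leave an interface translated. The rule lines are constructed, `em0` and `192.168.10.0/24` are assumed names, and tables or macros used as a rule source are skipped rather than resolved.

```python
import ipaddress
import re

# Constructed sample in pf "nat" rule syntax (not taken from the thread).
# 9.9.9.0/24 and 1.1.1.110 are the thread's placeholder addresses;
# em0 and 192.168.10.0/24 are assumptions.
SAMPLE_RULES = """\
nat on em0 inet from 127.0.0.0/8 to any -> 1.1.1.110 port 1024:65535
nat on em0 inet from 9.9.9.0/24 to any -> 1.1.1.110 port 1024:65535
nat on em0 inet from 192.168.10.0/24 to any -> 1.1.1.110 port 1024:65535
"""

RULE_RE = re.compile(
    r"^(?P<no>no\s+)?nat\s+on\s+(?P<ifc>\S+)\s+(?:inet6?\s+)?"
    r"from\s+(?P<src>\S+)\s+to\s+.*?(?:->\s+(?P<target>\S+).*)?$"
)


def nat_verdict(rules_text, prefix, interface):
    """Return the address pf would translate `prefix` to when it leaves
    `interface`, or None if packets keep their own source address.

    pf translation rules are first-match: the first rule whose source
    covers the prefix decides, and a 'no nat' rule exempts the traffic.
    """
    net = ipaddress.ip_network(prefix)
    for line in rules_text.splitlines():
        m = RULE_RE.match(line.strip())
        if not m or m["ifc"] != interface:
            continue
        if m["src"] != "any":
            try:
                rule_net = ipaddress.ip_network(m["src"])
            except ValueError:
                continue  # table or macro source: not resolved here
            if rule_net.version != net.version or not net.subnet_of(rule_net):
                continue
        return None if m["no"] else m["target"]
    return None


if __name__ == "__main__":
    for pfx in ("9.9.9.0/24", "192.168.10.0/24"):
        target = nat_verdict(SAMPLE_RULES, pfx, "em0")
        print(pfx, "->", target or "not translated (routed as-is)")
```
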
                atrocity

                Too easy … you did it  8)  8)  8)

                I will reboot it, to be sure that everything is working, but I'm sure that this is the solution.

                Many Many Thanks
                Regards

                Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.