• I have searched around and supposedly this is possible, but I have not been successful.

    I have 1:1 setup and it works wonderfully!
    I would like to add port forwarding as well though for those nat'd addresses.

    Example:

    64.0.0.1 –--  1:1 Nat to ----- 192.168.5.10
    This hosts a web server at  mail.domain.com

    I want to be able to type mail.domain.com when on the local subnet and have it redirected to the local IP.
    I know nat redirects only work on port fowards and not 1:1, but I've found in the forums you can add port forward on top of 1:1 to do this.

    I've set up 1:1 and it works, I also added a port forward as follows:
    interface: LAN
    external address: 64.0.0.1
    proto: TCP
    port: HTTP
    NAT IP: 192.168.5.10
    Local Port: HTTP

    and checked auto create firewall rule...

    what am I doing wrong?


  • ok, I've tried using the external address as well as the internal address with no luck.

    In this topic Hoba says you can add port forwarding on top of 1:1:
    http://forum.pfsense.org/index.php?topic=858.0

    I ended up setting up a local DNS server, but I still would love to scratch that and use port forwards instead.

    Would it be better to scracth 1:1 and only use port foward with the virtualIP's?  I have about 5 ports enabled on each IP anyway, so it wouldn't be to much work to add the forwards in.
    Thanks!


  • I haven't tried portforward on top of 1:1 NAT myself. It might be that I was wrong here. The NAT-reflectionfeature is still under developement and there is discussion going on between the developers how to make it work for larger ranges and thus maybe 1:1 NATs too. Meanwhile split DNS might be the only solution for this problem.


  • Thanks for the reply!  I will stand by in anticipation  ;D
    You guys are the best!