NAT disabled but still remaping headers

  • Hi,

    I'm using v2.2.1.
    I once setup the NAT feature to redirect TCP80 packets to a specific machine. Now I'm trying to disable this since it is not needed anymore.
    Went to :
    Firewall -> NAT -> Port Forward
    And deleted the rule.
    And now, surprisingly, packet capture is showing that the source IP in packet headers is still replaced with the router address (the WAN address). Why ? I have no idea.
    I have another pfsens box with a similar config and the problem didn't show up.
    Configurations for both are really simple :

    • 3 interfaces WAN, LAN, DMZ
    • A couple of rules for each interface
      and that's it.
      The Firewall -> NAT -> Outbound menu is set to Automatic (if that helps…)
      What am I missing ?


  • Port forwards rewrite the destination. Outbound NAT rewrites the source. Disable outbound NAT if you don't want it to NAT, or set it to hybrid or manual mode and configure your rules accordingly if you don't want all NAT disabled.

Log in to reply