Nat with public IP on LAN

  • Hello everybody,

    I'm setting up a PfSense for my company and I have a few questions about how to configure NAT  ???.

    We have 3 sections : LAN - DMZ and WAN
    We have a class of public IPs divided for our 3 zones, for example :
    LAN = /25
    DMZ = /27
    WAN = /27

    So today if I go on internet with my laptop in the LAN i'll have the IP : (for example)
    As I'm configuring a pfsense, I'm worring about how to setup the configuration of NAT… in order
    to keep my public IPs... ?

    If someone can help me or give me some clues it will be welcome.
    Thank you very much  :),

  • If you are running publics everywhere, you don't need NAT. You could just run the firewall as a filtering bridge.
    I don't know exactly why you'd need a separate WAN if the machines on the LAN were public- could you explain what your current setup is? IMO, using publics on the LAN is a poor use of address space and creates administration headaches, so I would consider using private IPs and NATing the LAN. But that's just my 2 cents.

  • Or if you really want to use the public addresses but dont want to bridge, you could just disable NAT and run pfSense as a firewalling router.

  • Hi guys,

    I'm a happy user of pfsense. Keep the good work!

    To clarify myself, could you confim this attached network could work with just enabling manual outbound nat mapping?

    If I had a DMZ interface, I can enable it for it?

    Thanks and regards

  • As long as your ISP is routing that subnet behind your pfsense to your pfsense wan ip it will work.

  • Thanks Hoba!

    That's good news!

Log in to reply