Nat with public IP on LAN
I'm setting up a PfSense for my company and I have a few questions about how to configure NAT ???.
We have 3 sections : LAN - DMZ and WAN
We have a class of public IPs divided for our 3 zones, for example :
LAN = 184.108.40.206 /25
DMZ = 220.127.116.11 /27
WAN = 18.104.22.168 /27
So today if I go on internet with my laptop in the LAN i'll have the IP : 22.214.171.124 (for example)
As I'm configuring a pfsense, I'm worring about how to setup the configuration of NAT… in order
to keep my public IPs... ?
If someone can help me or give me some clues it will be welcome.
Thank you very much :),
dotdash last edited by
If you are running publics everywhere, you don't need NAT. You could just run the firewall as a filtering bridge.
I don't know exactly why you'd need a separate WAN if the machines on the LAN were public- could you explain what your current setup is? IMO, using publics on the LAN is a poor use of address space and creates administration headaches, so I would consider using private IPs and NATing the LAN. But that's just my 2 cents.
GruensFroeschli last edited by
Or if you really want to use the public addresses but dont want to bridge, you could just disable NAT and run pfSense as a firewalling router.
I'm a happy user of pfsense. Keep the good work!
To clarify myself, could you confim this attached network could work with just enabling manual outbound nat mapping?
If I had a DMZ interface, I can enable it for it?
Thanks and regards
As long as your ISP is routing that subnet behind your pfsense to your pfsense wan ip it will work.
That's good news!