Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    NAT only for Group of WAN IP's?

    Scheduled Pinned Locked Moved NAT
    2 Posts 2 Posters 748 Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • S
      Stendec75
      last edited by

      Hi all!

      I'm new to PFSense and it looks keen! Setup NAT isn't a problem, but I'm wondering if its possible to setup NAT only allowing some WAN IP's / IP Group? I would like to NAT Windows RDS (3389), but only for known WAN IP.

      I cant figure it out at the moment. Is it possible to setup a WAN IP group (multiple WAN IP's) allowing to create a NAT rule assigned to the (source)group?

      So:

      WAN3389_Group: aaa.aaa.aaa.aaa, bbb.bbb.bbb.bbb, ccc.ccc.ccc.ccc

      If Proto Src. addr Src. ports Dest. addr Dest. ports NAT IP NAT Ports Description
      add
      change WAN3389_Group TCP * * * 3389 (RDS) 192.168.1.10 3389 (RDS) RDS - SVR

      1 Reply Last reply Reply Quote 0
      • M
        muswellhillbilly
        last edited by

        If I understand your query correctly, what you're looking to do is create an Alias, which you can populate with IP addresses of your choice. You can then assign the alias as the source for the NAT rule and use it in the corresponding firewall rule. Sor for 'WAN IP group', think 'Alias'.

        1 Reply Last reply Reply Quote 0
        • First post
          Last post
        Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.