4. 1:1 NAT onto Bridge

1:1 NAT onto Bridge

  • S

    Greetings.

    I'm having issues when using 1:1 NAT with a bridge.

    I'm running a box with 7 Ethernet ports and pfSense 2.2.3.

    1 port is the WAN port 1.2.3.x
    4 ports are LAN ports, assigned to bridge0 (to act as a LAN switch) 10.x.x.x
    2 ports are DMZ ports, assigned to bridge1 (to act as a DMZ switch) 172.16.x.x

    My WAN connection has 5 static IPs, and I am trying to use 1:1 NAT to direct each public IP to an associated DMZ IP.  I have NAT reflection enabled so that LAN computers can access the DMZ addresses using the public WAN IPs.

    From the LAN, I can successfully access the DMZ machines both using the DMZ network (172.16.x.x) as well as the public IPs (1.2.3.x, via NAT reflection).
    However, anyone on the outside WAN gets no response when trying to access the public IPs (1.2.3.x.)

    I have the tunables set:
    net.link.bridge.pfil_member = 0
    net.link.bridge.pfil_bridge = 1

    I have the firewall rule to pass all traffic from the WAN (IPv4, any protocol) to the DMZ net.

    Any ideas as to why this configuration would not be working?

    0
  • S

    Hmm.  After looking further, the 1:1 NAT appears to not be working, even without the bridge configuration.

    For now, disregard this request.  I can create a new topic later if I cannot find a solution.

    0
 

Products

Applications

Support

Services

News

Resources

Company

Our Mission

As host of the pfSense open source firewall project, Netgate believes in enhancing network connectivity that maintains both security and privacy. We also believe everyone should be able to afford it.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive for past announcements.

© Copyright 2002 - 2018 Rubicon Communications, LLC | Privacy Policy