Navigation

    Netgate Discussion Forum
    • Register
    • Login
    • Search
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search

    1:1 NAT onto Bridge

    NAT
    1
    2
    430
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • S
      SyrusDH last edited by

      Greetings.

      I'm having issues when using 1:1 NAT with a bridge.

      I'm running a box with 7 Ethernet ports and pfSense 2.2.3.

      1 port is the WAN port 1.2.3.x
      4 ports are LAN ports, assigned to bridge0 (to act as a LAN switch) 10.x.x.x
      2 ports are DMZ ports, assigned to bridge1 (to act as a DMZ switch) 172.16.x.x

      My WAN connection has 5 static IPs, and I am trying to use 1:1 NAT to direct each public IP to an associated DMZ IP.  I have NAT reflection enabled so that LAN computers can access the DMZ addresses using the public WAN IPs.

      From the LAN, I can successfully access the DMZ machines both using the DMZ network (172.16.x.x) as well as the public IPs (1.2.3.x, via NAT reflection).
      However, anyone on the outside WAN gets no response when trying to access the public IPs (1.2.3.x.)

      I have the tunables set:
      net.link.bridge.pfil_member = 0
      net.link.bridge.pfil_bridge = 1

      I have the firewall rule to pass all traffic from the WAN (IPv4, any protocol) to the DMZ net.

      Any ideas as to why this configuration would not be working?

      1 Reply Last reply Reply Quote 0
      • S
        SyrusDH last edited by

        Hmm.  After looking further, the 1:1 NAT appears to not be working, even without the bridge configuration.

        For now, disregard this request.  I can create a new topic later if I cannot find a solution.

        1 Reply Last reply Reply Quote 0
        • First post
          Last post

        Products

        • Platform Overview
        • TNSR
        • pfSense
        • Appliances

        Services

        • Training
        • Professional Services

        Support

        • Subscription Plans
        • Contact Support
        • Product Lifecycle
        • Documentation

        News

        • Media Coverage
        • Press
        • Events

        Resources

        • Blog
        • FAQ
        • Find a Partner
        • Resource Library
        • Security Information

        Company

        • About Us
        • Careers
        • Partners
        • Contact Us
        • Legal
        Our Mission

        We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

        Subscribe to our Newsletter

        Product information, software announcements, and special offers. See our newsletter archive to sign up for future newsletters and to read past announcements.

        © 2021 Rubicon Communications, LLC | Privacy Policy