Navigation

    Netgate Discussion Forum
    • Register
    • Login
    • Search
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search

    Can the firewall create NAT rules

    NAT
    2
    4
    2055
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • N
      nsumner last edited by

      Okay that might be confusing so let me explain.

      inside1 (192.168.17.100)                  inside2 (192.168.17.101)

      Connecting from outside I have 2 clients (bogus IPs used)

      outside1 192.117.115.114, when he connects on port 80 (from his and "only his") IP he connects to inside1.

      Outside2 192.117.115.115 when he connects to port 80 he is directed to inside2.

      I am told that this can be done manually but right now it doesn't do so automatically. Really it would in a sense mean that to create NAT rules you use firewall rules (at least most likely). It would also simplify things and reduce user errors. For example I wanted to open port 443 to the Pfsense box to my work machine (which has it's own real static IP). I couldn't get this working until I realized I had to create the NAT rule and then modify the firewall rule it created to limit IPs.

      1 Reply Last reply Reply Quote 0
      • H
        hoba last edited by

        You are talking about nat based on the source IP. This is not possible with pfSense 1.0 by only using the webgui. Doing that at the backend is not recommended as NATs and Firewallrules are alway created from the config.xml and your customizations most likely will be overwritten by doing other changes sooner or later or on reboots.

        1 Reply Last reply Reply Quote 0
        • N
          nsumner last edited by

          Any chance we can beg pretty pretty please to get this in 1.1?

          1 Reply Last reply Reply Quote 0
          • H
            hoba last edited by

            I added it to our "not ready yet but cool to have at some point" feature list. Stay tuned  ;)

            1 Reply Last reply Reply Quote 0
            • First post
              Last post

            Products

            • Platform Overview
            • TNSR
            • pfSense
            • Appliances

            Services

            • Training
            • Professional Services

            Support

            • Subscription Plans
            • Contact Support
            • Product Lifecycle
            • Documentation

            News

            • Media Coverage
            • Press
            • Events

            Resources

            • Blog
            • FAQ
            • Find a Partner
            • Resource Library
            • Security Information

            Company

            • About Us
            • Careers
            • Partners
            • Contact Us
            • Legal
            Our Mission

            We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

            Subscribe to our Newsletter

            Product information, software announcements, and special offers. See our newsletter archive to sign up for future newsletters and to read past announcements.

            © 2021 Rubicon Communications, LLC | Privacy Policy