NAT through WAN



  • Hi all… I'm new to pfsense so play nice with me :). Our network is part of a large government-sponsored network. We are all interconnected through the WAN using the 10.x.x.x IP range. I cannot access my pfsense from outside of the WAN, so I'm putting in 1 ADSL line (fixed public IP) to access my pfsense by using port forwarding from the ADSL modem to the pfsense box. Now my question is:

    my pfsense=10.20.20.254 (3 nic-  nic1 for LAN - nic2-for WAN(10.20.20.254) - nic3 ADSL)
    my other pfsense box=10.180.10.254

    Can I do the same (port forward on my ADSL modem) to access my other pfsense box, or is there another way to do this? I can access the "other pfsense box" webconfigurator/ssh no problem as long as I'm inside the large government-sponsored network. I'm trying to avoid VPN as a solution right now. Just hoping there is a simple solution to this.

    Thanks



  • @satanhead2003:

    Hi all… I'm new to pfsense so play nice with me :). Our network is part of a large government-sponsored network. We are all interconnected through the WAN using the 10.x.x.x IP range. I cannot access my pfsense from outside of the WAN, so I'm putting in 1 ADSL line (fixed public IP) to access my pfsense by using port forwarding from the ADSL modem to the pfsense box. Now my question is:

    my pfsense=10.20.20.254 (3 nic-  nic1 for LAN - nic2-for WAN(10.20.20.254) - nic3 ADSL)
    my other pfsense box=10.180.10.254

    Can I do the same (port forward on my ADSL modem) to access my other pfsense box, or is there another way to do this? I can access the "other pfsense box" webconfigurator/ssh no problem as long as I'm inside the large government-sponsored network. I'm trying to avoid VPN as a solution right now. Just hoping there is a simple solution to this.

    What if, instead of you dialing in to the corporate network, you let it dial you? If you have a static IP you can configure pfsense as a VPN client and let it connect to you. You could be running a virtual pfsense... a bizarre option,

    Thanks

    My 2 cents:
    Use different webui ports on different firewalls and do port forwarding, considering the LAN interface of that ADSL is on the same subnet as the other pfsense boxes.

    Alternatively, if the pfsense boxes are accessible from WAN (using a live IP) you can do port forwarding, and if you will be accessible from a static IP then you can be pretty restrictive with firewall rules.

    What if, instead of you dialing in to the corp network, you let it dial you? Perhaps you would be running a virtual pfsense...
    A rather bizarre option.



  • Sorry… I forgot to mention that the other pfsense box is on another part of the map. The only connection it has is through the WAN (10.180.10.254:10001, while my pfsense box is 10.20.20.254:10000). I can access/ping/ssh them using this 10.180.10.254 IP as long as I'm in the 10.20.20.x network. As an illustration, it would be like this:

    My current setup:
    .ADSL --->my pfsense box (10.20.20.254:10000) = cannot connect/nat/port forward to 10.180.10.254:10001

    What I'm trying to achieve is:

    .ADSL--->my pfsense box (10.20.20.254:10000)--->my other pfsense box (10.180.10.254:10001)

    As for why I'm trying to avoid VPN: on my pfsense box I'm still using 2.1.5, which is the only version (I hope it's not) that didn't break sarg report and squid3 in transparent mode, and its VPN server seems broken (constantly restarting the VPN service due to an error, which will also bring squid3 and squidguard to a halt).

