Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    NAT through WAN

    Scheduled Pinned Locked Moved NAT
    3 Posts 2 Posters 1.1k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • S
      satanhead2003
      last edited by

      Hi all…. im new to pfsense so play nice with me  :). Our network is part of a large-government-sponsored network. We all interconnected through WAN using 10.x.x.x ip range. I cannot access my pfsense from outside of the WAN, so im putting 1 adsl line (fixed public ip) to access my pfsense by using portfowarding from adsl modem to pfsense box. Now my question is

      my pfsense=10.20.20.254 (3 nic-  nic1 for LAN - nic2-for WAN(10.20.20.254) - nic3 ADSL)
      my other pfsense box=10.180.10.254

      can i do the same (portfoward on my adsl modem) to access my other pfsense box or there is another way to do this? I can access the "other pfsense box" webconfigurator/ssh no problem as long im inside the large-government-sponsored network. Im trying to avoid vpn as solution right now. Just hoping there is simple solution to this.

      Thanks

      1 Reply Last reply Reply Quote 0
      • S
        Snailkhan
        last edited by

        @satanhead2003:

        Hi all…. im new to pfsense so play nice with me  :). Our network is part of a large-government-sponsored network. We all interconnected through WAN using 10.x.x.x ip range. I cannot access my pfsense from outside of the WAN, so im putting 1 adsl line (fixed public ip) to access my pfsense by using portfowarding from adsl modem to pfsense box. Now my question is

        my pfsense=10.20.20.254 (3 nic-  nic1 for LAN - nic2-for WAN(10.20.20.254) - nic3 ADSL)
        my other pfsense box=10.180.10.254

        can i do the same (portfoward on my adsl modem) to access my other pfsense box or there is another way to do this? I can access the "other pfsense box" webconfigurator/ssh no problem as long im inside the large-government-sponsored network. Im trying to avoid vpn as solution right now. Just hoping there is simple solution to this.

        what if instead of you dialing in to corrporate network let it dial you.. if you have static ip you can configure pfsese as a vpn client and let it connect to you.. you could be running virtual pfsense ..  a bizaare option,

        Thanks

        my 2 cents
        use differnet webui ports on different firewalls and do port forwarding .. considering the lan interface of that adsl is on same subnet as other pfsense boxes.

        alternativly if the pfsese boxes are accessbile from wan (using live ip ) you can do port forwarding and if you wil be accessible from static ip then you can be pretty restrictive with firewall rules..

        what if instead of you dialing in to corp network . let it dial you .. perhaps you would be running a virtual pfsense ..
        a rather bizaare option

        1 Reply Last reply Reply Quote 0
        • S
          satanhead2003
          last edited by

          Sorry… i forgot to mention that the other pfsense box is on another part of the map. The only connection it had is through the wan(10.180.10.254:10001 which my pfsense box is 10.20.20.254:10000 ). I can access/ping/ssh them using this 10.180.10.254 ip as long im in the 10.20.20.x network. As in illustration, it would be like this

          my current set up
          .ADSL --->my pfsense box (10.20.20.254:10000) = cannot connect/nat/portfowward to 10.180.10.254:10001

          what im trying to achieve is

          .ADSL--->my pfsense box (10.20.20.254:10000)--->my other pfsense box (10.180.10.254:10001)

          And as why im trying to avoid vpn is, on my pfsense box, im still using 2.1.5 which is the only version (i hope its not) didnt broke sarg report and squid3 in transparent mode and its vpn server seems broken (constantly restarting vpn service due to error which also will bring squid3 and squidguard to a halt).

          1 Reply Last reply Reply Quote 0
          • First post
            Last post
          Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.