Multiple source networks to one destination port.

  • I need to be able to set up NAT rules to allow me to direct a number of netblocks to the same destination IP and port on the LAN side of the firewall.
    Net Block Plus Plus to destination IP port 5000 for example.

    I find that I can set up a NAT rule for the first netblock ( in this example. When I come to add a second rule pointing to the same destination and port I get the following error:

    The following input errors were detected:
    • The destination port range overlaps with an existing entry.

    What am I doing wrong or missing?

    Thank you

  • LAYER 8 Global Moderator

    And why would you not just create the NAT to your IP and port.. And then limit who could access it via your firewall rule??

    You cannot create more than one NAT to the same IP and port..

  • Thank you for responding.

    Now I need a little help to get my head around how I would configure that in.
    Would I construct a series of rules like the following, using what I wrote in my original post?

    Block not destination
    Block not destination
    then last would be the NAT which would anything to port 5000

    Tried the above and to see if it worked. I removed the NOT tick so as I understand it then traffic should have been blocked  the address blocks.
    However, I found that traffic was getting through on the final rule/nat. I had the rules listed such that the block rules were before the NAT rule.

    So I am missing something so can you please clarify your post.

    Moving from IPCOP to pfSense has been relatively trouble free apart from this issue.
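
The moderator's suggestion (one NAT entry, with access limited by the firewall rule) modelled in Python as an added example; it is not code from the thread or from pfSense. The addresses are constructed sample values, and the model assumes that NAT is applied before the WAN interface rules, that rules are evaluated top-down with first match winning, and that unmatched traffic is denied.

```python
import ipaddress
from dataclasses import dataclass

# Constructed sample values; the thread's real netblocks are not shown.
ALLOWED_SOURCES = [ipaddress.ip_network(n) for n in
                   ("192.0.2.0/24", "198.51.100.0/24", "203.0.113.0/24")]
WAN_ADDR = ipaddress.ip_address("198.18.0.1")   # hypothetical WAN address
LAN_HOST = ipaddress.ip_address("10.0.0.10")    # hypothetical LAN server
PORT = 5000

@dataclass
class Rule:
    action: str      # "pass" or "block"
    sources: list    # source networks (the alias); empty list means any
    dst: object      # destination address as seen after NAT
    port: int

def port_forward(dst, port):
    """The single NAT entry: WAN_ADDR:PORT -> LAN_HOST:PORT."""
    if dst == WAN_ADDR and port == PORT:
        return LAN_HOST, PORT
    return dst, port

# One pass rule whose source is the alias of all permitted netblocks.
WAN_RULES = [Rule("pass", ALLOWED_SOURCES, LAN_HOST, PORT)]

def evaluate(src, dst, port):
    """Return (action, destination after NAT) for one inbound connection."""
    src, dst = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    dst, port = port_forward(dst, port)      # translation happens first
    for rule in WAN_RULES:                   # first match wins
        src_ok = not rule.sources or any(src in n for n in rule.sources)
        if src_ok and dst == rule.dst and port == rule.port:
            return rule.action, str(dst)
    return "block", str(dst)                 # implicit default deny

if __name__ == "__main__":
    for s in ("192.0.2.7", "198.51.100.1", "203.0.113.200", "100.64.1.1"):
        print(s, evaluate(s, "198.18.0.1", PORT))
```

Because the rule is matched after translation, its destination is the LAN host rather than the WAN address, and no separate block rules are needed for sources outside the alias.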
