Complicated NAT Question
I am using 2.2.6 pfSense as my router/firewall. I have two static IPs, which for the purposes of the question we'll say are 188.8.131.52 and 184.108.40.206.
I want 99.9% of my network traffic to go out to the Internet as 220.127.116.11, but I would also like to NAT any and all traffic for my web server for 18.104.22.168. I have a very heavy Cisco background, both in routers & firewalls, and I think it is proving more of a hindrance than a help in this situation.
Can anyone please point me to some documentation about how to create this functionality in pfSense? My searches seems to have turned up conflicting or unclear information.
Are these public IPs on different connections or the same one. So your wan on pfsense as 22.214.171.124, create a vip for 126.96.36.199 and forward traffic to your webserver via your vip. And then on your outbound nat setup your webserver to use the vip for its outbound traffic.
Yes. The IPs are both on the same connection.
Thanks for your reply.
Just to be sure I understand, I will:
1. Create appropriate NAT and Firewall rules for Incoming from Virtual IP that point the the web server.
2. Create an outbound NAT rule for my web server to use the Virtual IP.
One other question: Do I need to remove the auto-generated outbound NAT rules, or will my manual outbound NAT rule be prioritized over them?
Once again, my thanks!
No you do not need to remove the auto.. You need to make sure that the webserver talks back out the same IP it came in.