Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    NAT Question

    Scheduled Pinned Locked Moved NAT
    8 Posts 5 Posters 1.5k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • A
      asistio04
      last edited by

      We Have a static ip example is 1.1.1.1 that is given by my internet provider(GLobe) and i want to redirect the ip into 172.16.0.22 in the Office how can i do that?

      if i access 1.1.1.1 in my browser outside the firewall i want to access my website hosted by the 172.16.0.22, please help me guys,

      Hoping for Reply

      1 Reply Last reply Reply Quote 0
      • J
        jonathanbaird
        last edited by

        You would need to create an inbound NAT rule. Go to Firewall > NAT > Port Forwarding and create a rule for port 80 and 443 to redirect to the target IP of 172.16.0.22.

        The interface would be WAN, protocol would be TCP. The destination port and redirect port would need to be 80 and 443 respectively, assuming you are using HTTPS as well as HTTP. If you are using HTTP only then simply forward port 80.

        I've attached an image which should hopefully help you.

        Untitled.png_thumb
        Untitled.png

        1 Reply Last reply Reply Quote 0
        • M
          muswellhillbilly
          last edited by

          As a caveat to that, make sure your web server (172.16.0.22) has it's default gateway set to the LAN interface of the PFS. Otherwise your return traffic won't route back out corrrectly.

          1 Reply Last reply Reply Quote 0
          • ?
            Guest
            last edited by

            I would to go with 1:1 NAT and virtual IPs and on top of this port forwarding to the internal IP address.

            1 Reply Last reply Reply Quote 0
            • johnpozJ
              johnpoz LAYER 8 Global Moderator
              last edited by

              what???  if your port forwarding then you don't need a 1:1 nat… You would do a 1:1 nat when you have lots and lots and lots of ports all going to that same IP.  If all he has is web services then there is no need for a 1:1

              An intelligent man is sometimes forced to be drunk to spend time with his fools
              If you get confused: Listen to the Music Play
              Please don't Chat/PM me for help, unless mod related
              SG-4860 24.11 | Lab VMs 2.8, 24.11

              1 Reply Last reply Reply Quote 0
              • A
                asistio04
                last edited by

                @jonathanbaird:

                You would need to create an inbound NAT rule. Go to Firewall > NAT > Port Forwarding and create a rule for port 80 and 443 to redirect to the target IP of 172.16.0.22.

                The interface would be WAN, protocol would be TCP. The destination port and redirect port would need to be 80 and 443 respectively, assuming you are using HTTPS as well as HTTP. If you are using HTTP only then simply forward port 80.

                I've attached an image which should hopefully help you.

                How come when i type the ip in our browser ,the pfsense log in page displays

                1 Reply Last reply Reply Quote 0
                • johnpozJ
                  johnpoz LAYER 8 Global Moderator
                  last edited by

                  Because your inside your network.. You need to TEST port forwards from OUTSIDE your network..

                  An intelligent man is sometimes forced to be drunk to spend time with his fools
                  If you get confused: Listen to the Music Play
                  Please don't Chat/PM me for help, unless mod related
                  SG-4860 24.11 | Lab VMs 2.8, 24.11

                  1 Reply Last reply Reply Quote 0
                  • A
                    asistio04
                    last edited by

                    @johnpoz:

                    Because your inside your network.. You need to TEST port forwards from OUTSIDE your network..

                    Thank You Already Tested and Working!

                    1 Reply Last reply Reply Quote 0
                    • First post
                      Last post
                    Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.