NAT Question



  • We Have a static ip example is 1.1.1.1 that is given by my internet provider(GLobe) and i want to redirect the ip into 172.16.0.22 in the Office how can i do that?

    if i access 1.1.1.1 in my browser outside the firewall i want to access my website hosted by the 172.16.0.22, please help me guys,

    Hoping for Reply



  • You would need to create an inbound NAT rule. Go to Firewall > NAT > Port Forwarding and create a rule for port 80 and 443 to redirect to the target IP of 172.16.0.22.

    The interface would be WAN, protocol would be TCP. The destination port and redirect port would need to be 80 and 443 respectively, assuming you are using HTTPS as well as HTTP. If you are using HTTP only then simply forward port 80.

    I've attached an image which should hopefully help you.




  • As a caveat to that, make sure your web server (172.16.0.22) has it's default gateway set to the LAN interface of the PFS. Otherwise your return traffic won't route back out corrrectly.



  • I would to go with 1:1 NAT and virtual IPs and on top of this port forwarding to the internal IP address.


  • Rebel Alliance Global Moderator

    what???  if your port forwarding then you don't need a 1:1 nat… You would do a 1:1 nat when you have lots and lots and lots of ports all going to that same IP.  If all he has is web services then there is no need for a 1:1



  • @jonathanbaird:

    You would need to create an inbound NAT rule. Go to Firewall > NAT > Port Forwarding and create a rule for port 80 and 443 to redirect to the target IP of 172.16.0.22.

    The interface would be WAN, protocol would be TCP. The destination port and redirect port would need to be 80 and 443 respectively, assuming you are using HTTPS as well as HTTP. If you are using HTTP only then simply forward port 80.

    I've attached an image which should hopefully help you.

    How come when i type the ip in our browser ,the pfsense log in page displays


  • Rebel Alliance Global Moderator

    Because your inside your network.. You need to TEST port forwards from OUTSIDE your network..



  • @johnpoz:

    Because your inside your network.. You need to TEST port forwards from OUTSIDE your network..

    Thank You Already Tested and Working!