pfSense Forum

pfSense English Support => General Questions => Topic started by: cwager990 on February 03, 2018, 06:27:09 pm

Title: Routing Out To A Specific WAN IP, Belonging to a X.X.X.X/29 Subnet
Post by: cwager990 on February 03, 2018, 06:27:09 pm
Dear Forum Members

Can someone confirm for me the correct approach to route traffic from LAN-Subnet X.X.X.X/24 to Public IP X.X.X.44

The Subnet Range is X.X.X.40 - X.X.X.47 - 40 is the network address, 41 is the pfSense WAN int address and 47 is the broadcast. 42, 43, 44, 45, 46. are added as IP Aliases, in the Virtual IP panel.

Thanks Chris
Title: Re: Routing Out To A Specific WAN IP, Belonging to a X.X.X.X/29 Subnet
Post by: viragomann on February 04, 2018, 03:11:52 pm
You want to route traffic from LAN network to an IP assigned to the WAN  ???  That makes no sense.

I think what you're trying to achieve is, that traffic from LAN to the internet is shown as if it is coming from X.X.X.44 outside, which is an alias on the WAN interface. That's NAT.
This can be done by outbound NAT in pfSense. Firewall > NAT > Outbound.
Set it in the hybrid or manual mode at first. Then add a rule:
Interface: WAN
source: LAN net
dest: any
Translation address: X.X.X.44
Title: Re: Routing Out To A Specific WAN IP, Belonging to a X.X.X.X/29 Subnet
Post by: cwager990 on February 08, 2018, 07:06:51 pm
Yes that is exactly what I meant, thank you for correcting my explanation and for providing a solution, I was wondering if it is possible to assign a public ip address directly to a server on my network, without NAT, while retaining the firewall can this be achieved do you know how or do I need to start a new post.

Thanks Chris
Title: Re: Routing Out To A Specific WAN IP, Belonging to a X.X.X.X/29 Subnet
Post by: viragomann on February 09, 2018, 04:45:52 am
You can achieve this by bridging WAN and LAN interface. But this way you can only use the public /29 subnet on LAN. pfSense is still able to filter traffic, but not to forward anything, of course.
If you don't have special reasons for bridging it isn't recommended.