The pfSense Store

Author Topic: Internal User needs specific Public IP address assigned  (Read 592 times)

0 Members and 1 Guest are viewing this topic.

Offline brwatters

  • Newbie
  • *
  • Posts: 2
  • Karma: +0/-0
    • View Profile
Internal User needs specific Public IP address assigned
« on: May 08, 2012, 11:46:11 am »
Hello ALL,

I am somewhat new to v2.x of pfsense so please forgive if this subject has already been spoken too, I have searched but could not find the following.

We are in need of one LAN user to go out via a specific public IP address, I am a bit concerned about doing a 1 to 1 nat for this user as I am pretty sure this will then expose the LAN and or his workstation to public traffic.

If possible please share best practice to complete the above.

BRW

Offline Nachtfalke

  • Hero Member
  • *****
  • Posts: 2753
  • Karma: +0/-0
    • View Profile
Re: Internal User needs specific Public IP address assigned
« Reply #1 on: May 08, 2012, 12:15:48 pm »
You should realize this with "Outbound NAT". You must switch from automatic to manual NAT and then configure the IP for the client.
I could not give you more information because I did not use that feature.

Probably someone else can explain more in detail or you do it by yourself :)

Offline Efonne

  • Hero Member
  • *****
  • Posts: 630
  • Karma: +0/-0
    • View Profile
Re: Internal User needs specific Public IP address assigned
« Reply #2 on: May 08, 2012, 01:56:16 pm »
1:1 NAT by itself will not expose the system to inbound traffic on the IP address.  It will still be blocked unless you have firewall rules that let things through to the local system.