Tag Archives: nat

Configuring a network-to-network NAT in pfSense

In this case, I’m NATing (interface name = vlan8) to (interface name = int8), so a packet to will be NATed to

Go to Firewall -> Nat
Create a new 1:1 mapping, and put the settings as follows:
Interface: vlan8
External subnet IP:
Internal IP: int8 subnet
Destination: any (you might be able to use int8 subnet here, but it wouldn’t work with my VPN configuration as VPN IPs are on a separate subnet)
NAT reflection: use system default

And save, now to Firewall -> virtual IPs
Create a new virtual IP
I’ve used CARP, but when I get the chance I’ll try Proxy ARP, which would be better for those who have an entire subnet behind the pfsense (I don’t, so I need to put in each address to NAT individually)

And then the settings on your host behind the pfsense:
IP: (whatever IP you want)
gw: 10.120.x.x (IP of pfsense’s int8 interface)
(to set the gateway in Ubuntu, using /etc/network/interfaces didn’t seem to want to work for me, so I used “route add default gw 10.120.x.x” instead)