PFSense - route outbound traffic through same inbound Virtual IP?

MrGuvernment

MrGuvernment

Fully [H]
Joined
Aug 3, 2004
Messages
21,866
i have a PFSense 2.01 box up and i have several Virtual IP's configured.

One is going to be used for a test environment, and i need all traffic going out from the internal servers through one of the virtual IP's instead of the default WAN IP that is configured, the same IP i have NAT 1:1 set up for coming in bound.

i know how to do this in untangle, but seem a little lost in PFSense.... any help ? (currently reading plenty of google results..)

or does pfsense automatically route traffic out on the same IP it was requested on?
 
Last edited:
The advanced section at the bottom when setting up a firewall rule you can specify a gateway.

However your last sentence/question would also be true. If outside traffic comes in on one of your WAN IP;s then yea, pfsense will reply on that IP as well. That would screw things up royally if it didnt.
 
Appreciated, for example in Untangle i had to created a rule so that all traffic that went out from that server, whether requested from a NAT, would go out from the Virtual IP i had set.

nat.jpg


now thinking about it, of course if something is requested on an IP it will request on the same one. blonde moment!!!

So i was thinking the same for PFSense, that all traffic from that server is sent out over the Virtual IP.
 
bring back an OLD thread!


having similar issue with this again trying to get a VOIP config working behind pfsense 2.0.1

in the gateway option, the only gateway it shows is the main gateway that is configured for the main WAN connection

it does not list any of the Virtual IP's i have set up to send traffice out from the virtual IP, IP.
 
MrGuvernment said:
bring back an OLD thread!


having similar issue with this again trying to get a VOIP config working behind pfsense 2.0.1

in the gateway option, the only gateway it shows is the main gateway that is configured for the main WAN connection

it does not list any of the Virtual IP's i have set up to send traffice out from the virtual IP, IP.
Click to expand...

This is easily done if you have another NIC. I'm going through my setup and cant seem to figure out how to do this with a single NIC either.
 
ya, with another nic i can assign it the single IP and create it as a gateway, i was thinking that, if i could do it with one nic, would be better *runs to see if there is another spare port in the box*
 
I do see under the WAN connection, next to the Gateway IP i can choose "add" but i would assume i would have to add an actual gateway there and not just a Virtual IP since...
 
MrGuvernment said:
I do see under the WAN connection, next to the Gateway IP i can choose "add" but i would assume i would have to add an actual gateway there and not just a Virtual IP since...
Click to expand...

You're correct.

Seems like a virtual IP's only functionality is to handle inbound connections. I see no way to shape traffic to use a virtual IP.
 
MrGuvernment said:
bring back an OLD thread!


having similar issue with this again trying to get a VOIP config working behind pfsense 2.0.1

in the gateway option, the only gateway it shows is the main gateway that is configured for the main WAN connection

it does not list any of the Virtual IP's i have set up to send traffice out from the virtual IP, IP.
Click to expand...

Firewall > NAT > Outbound and create NAT rule for that IP

If you are using SIP make sure you set Static Port = YES.
 
sweet!!

so this is what i set

Do not NAT - disabled / unchecked

Interface - WAN
Source - IP of internal LAN sever to go out 1.1.1.1/32 since i only want a single ip ?

Destination - Alias i have for access to the ISP

Translation - Address: My Virtual IP

Static Port Yes
 
Last edited:
Switched

Automatic outbound NAT rule generation
(IPsec passthrough included)

and enable

Manual Outbound NAT rule generation
(AON - Advanced Outbound NAT)



and working now!
 
You must log in or register to reply here.
Back
Top