I have a firewall box that sits between the 'WAN' port on a Cisco 2811 and the main ISP line into my building. The topology looks like:
ISP CONNECTION IN
My problem is logging on the UTM. It runs a DNS filtering service that filters the network traffic for the site. Between the UTM and the router there is a class C subnet: 188.8.131.52/24. The UTM has 184.108.40.206 and the router has 220.127.116.11. The Cisco router has NAT configured on it to allow 0.0.0.0. My problem is that when a client visits a blocked page the UTM logs this with the IP of the client. The problem I am having is that the client IP address is always 18.104.22.168 (the IP of the WAN on the router) and not the IP of the actual client.
How can I get the firewall to see the actual client IP? I've narrowed it down to NAT on the router but have no idea how to configure it. Please could someone explain what I need to do?
@Georg Pauwen wrote:
now check the NAT rules generated on the pfSense. Since you have added a static route for 10.0.0.0/8, that network should be included in an automatically generated rule:
See attached image...
Check if Manual NAT has been enabled.
The logic is as follows:
Your entire network can access the pfSense, and the pfSense can access the entire network. The thing left to do is let the pfSense know that it has to translate (NAT) both 10.0.0.0/8 and 22.214.171.124/24.
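The following IOS fragment is an added illustration of the two halves of this thread (the NAT on the router that causes the UTM to log only the router's WAN address, and the routing-only setup in which the pfSense does the translation). It is not configuration posted by the original poster or by Georg Pauwen; the interface names, the client range 10.0.0.0/8, the access-list number and the placeholder addresses are assumptions chosen for the example, and the pfSense side is described in comments only because it is configured through the web UI rather than a CLI.

```cisco
! ASSUMED topology (constructed for this example, not taken from the thread):
!   FastEthernet0/1 = LAN side, clients in 10.0.0.0/8
!   FastEthernet0/0 = "WAN" side of the 2811, transit /24 shared with the pfSense UTM
!   <ROUTER_WAN_IP> / <UTM_IP> = placeholders for the router and UTM addresses on that /24
!
! --- BEFORE: the configuration that produces the symptom ---
! Overload (PAT) NAT on the router rewrites every client's source address to the
! router's WAN address, so every blocked-page entry in the UTM log carries that one
! address and the real client cannot be identified.
interface FastEthernet0/1
 description LAN clients
 ip address 10.0.0.1 255.0.0.0
 ip nat inside
!
interface FastEthernet0/0
 description Transit link to the UTM
 ip address <ROUTER_WAN_IP> 255.255.255.0
 ip nat outside
!
! "allow 0.0.0.0" in the question most likely corresponds to a permit-any list like this
access-list 1 permit any
ip nat inside source list 1 interface FastEthernet0/0 overload
ip route 0.0.0.0 0.0.0.0 <UTM_IP>
!
! --- AFTER: the router only routes; the UTM does the translation ---
! Drop active translations first, otherwise IOS refuses to remove a mapping in use.
clear ip nat translation *
no ip nat inside source list 1 interface FastEthernet0/0 overload
interface FastEthernet0/1
 no ip nat inside
interface FastEthernet0/0
 no ip nat outside
! The default route toward the UTM stays; client packets now reach the UTM
! with their original 10.x source address intact.
ip route 0.0.0.0 0.0.0.0 <UTM_IP>
!
! pfSense side (web UI, not IOS), matching the advice in the thread:
!   1. System > Routing: static route 10.0.0.0/8 via <ROUTER_WAN_IP> on the interface
!      facing the router, so return traffic gets back to the clients.
!   2. Firewall > NAT > Outbound: with Automatic outbound NAT the static route makes
!      pfSense add 10.0.0.0/8 to the generated rules; with Manual (or Hybrid) outbound
!      NAT a rule covering 10.0.0.0/8 in addition to the transit /24 must be added by hand.
!   Private client addresses only cross the transit /24; pfSense still translates
!   them before anything leaves toward the ISP.
!
! Checks on the router after the change:
!   show ip nat translations   -> no entries
!   show ip route              -> 0.0.0.0/0 via <UTM_IP> still present
```

Once the router stops translating, the UTM's filter log shows the client's own 10.x address for each blocked request, which is what the question asks for.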