cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
663
Views
0
Helpful
7
Replies

Port Fowarding in a double NAT enviorment with a pf sense firewall and Cisco 2901

studmuffin
Level 1
Level 1

I recently replaced my Home modem with a Cisco 2901 Router and a va-vdsl EHWIC card and i got everything to work but then i needed a firewall so i accuired a pfsense firewall which is sitting inside my 2901 network and my 2901 gets my external isp ip address what do i do if i want to port forward for like games and applications how would i do that with two nat enviroments is that even possible?

7 Replies 7

Jon Marshall
Hall of Fame
Hall of Fame

 

There is usually no problem with double NAT as you call it but why do you need to do that ie. your firewall does not have to do  NAT just allow the already translated traffic through. 

 

Jon

I dont know how to do that in pfsense though 

and what if i want to do vlans what do i to then 

 

 

The pfSense does not have to do NAT if you don't want to so just do the NAT on the router and then add rules on the firewall for the translated IPs.

 

If you want to use vlans and route them on the LAN side of the firewall just create your vlans on your switch and make the connection to the firewall a trunk link. 

 

You will then need to configure vlans on the pfSense firewall. 

 

Jon

and then do router on a stick?

 

Your LAN is behind the firewall isn't it ? 

 

If so then you use the firewall to route between your vlans not the router.

 

Jon

yes 

Review Cisco Networking for a $25 gift card