11-04-2019 09:39 AM
I recently replaced my Home modem with a Cisco 2901 Router and a va-vdsl EHWIC card and i got everything to work but then i needed a firewall so i accuired a pfsense firewall which is sitting inside my 2901 network and my 2901 gets my external isp ip address what do i do if i want to port forward for like games and applications how would i do that with two nat enviroments is that even possible?
11-04-2019 10:15 AM - edited 11-04-2019 10:15 AM
There is usually no problem with double NAT as you call it but why do you need to do that ie. your firewall does not have to do NAT just allow the already translated traffic through.
Jon
11-04-2019 03:58 PM
I dont know how to do that in pfsense though
11-04-2019 04:11 PM
and what if i want to do vlans what do i to then
11-05-2019 01:39 AM
The pfSense does not have to do NAT if you don't want to so just do the NAT on the router and then add rules on the firewall for the translated IPs.
If you want to use vlans and route them on the LAN side of the firewall just create your vlans on your switch and make the connection to the firewall a trunk link.
You will then need to configure vlans on the pfSense firewall.
Jon
11-05-2019 06:30 AM
and then do router on a stick?
11-05-2019 10:35 AM
Your LAN is behind the firewall isn't it ?
If so then you use the firewall to route between your vlans not the router.
Jon
11-05-2019 04:12 PM
yes
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide