Personal tools

1:1 NAT

From PFSenseDocs

Jump to: navigation, search

1:1 NAT, aka one-to-one NAT or binat, binds a specific internal address (or subnet) to a specific external address (or subnet). Incoming traffic from the Internet to the specified IP will be directed toward the associated internal IP. Outgoing traffic to the Internet from the specified internal IP will originate from the associated external IP.

To allow traffic in from the Internet, you must add a firewall rule on the associated WAN interface allowing the desired traffic, using the destination IP of the internal private IP.

All of the 1:1 NAT mappings are listed under Firewall > NAT, on the 1:1 tab. To edit an entry, click the "e" button, delete with the "x" button, or add a new entry with the "+".

When adding or editing a 1:1 NAT entry, pick an Interface where the NAT should happen, specify an External subnet (or use /32 for a single IP), an Internal subnet (or the starting address of the block), and enter a description.

Click Save when finished.