Sorry, that was a typo, Wan and Lan are on differents private networks, really sorry about that, just let me repeat again something here I guess I have not been clear, current setup don't use NAT at all, the ISP just use /30 network to connect equipment, and they route all the public addresses on the dmz segment, to the /30 side of our firewall, and our default gateway use their ip address /30 on their side, so as a routing platform, without nat, the dmz network should go outside just as routed packages, and the traffic to the dmz is routed by the isp to our wan ip address, now the private segment is also routed to private networks on that side, I don't need to nat that lan, in short, I don't need NAT, since I just want pfsense to behave like a routing platform with firewalling capabilities for filtering. I will test your recommendations Best regards, and again sorry for the typo
2008/8/20 Chris Buechler <[EMAIL PROTECTED]>: > On Wed, Aug 20, 2008 at 6:12 PM, Tim Nelson <[EMAIL PROTECTED]> wrote: >> I probably shouldn't introduce any further issues here... but aren't there >> issues having a 192.168.1.0/30 and a 192.168.1.0/24 on the same router? If >> you ping 192.168.1.1 or 192.168.1.2 from your router, what interface will it >> route those requests to? >> > > Ah yeah, I overlooked that - the LAN and WAN cannot even partially > fall into the same subnet to ensure appropriate behavior. The LAN here > needs to be something that is not inclusive of 192.168.1.0/30, maybe > 192.168.2.0/24. > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]