Limited NAT options

Forums Network Management Networking Limited NAT options

  • This topic is empty.
Viewing 5 posts - 1 through 5 (of 5 total)
  • Author
  • #43950


    In pfSense I could create a NAT rule in order to forward packages to server inside my LAN. If you try to reach port 80 either from inside or outside of LAN, you could reach appropriate server.

    In zeroshell, I am not able to do that. It behaves as it would if you try from outside, but if you try from inside, it redirects packets to itself (zeroshell machine).

    I’m making these setup in Virtual Servers section. There is no “destination IP” option or similar option.

    How can I create a NAT rule that will redirect all packages where destination address is my_router:80 to my_virtual_server:80?


    You should be able to browse to your virtual server using its LAN IP from the within the LAN. From outside the LAN you should be able to browse to your virtual server using your WAN IP provided you have setup the virtual server settings in ZS.

    If you need to create a rule to direct traffic from withing the LAN you can do so in the Firewall section of the ZS GUI but this should already be working.

    Also try using port :8080 with the IP number of your virtual server.


    If I accept to browse virtual server via using LAN IP inside of LAN, I need to edit all machines’ /etc/hosts file.

    I was able to use WAN IP (fqdn) to browse the virtual server in pfSense, and I want to do the same.


    I think this would be a matter of adding a rule to the Prerouting table but I don’t think ZS provides the ability in the GUI. You could do it in shell mode.

    Maybe PFsense was ending the request out to the WAN instead of routing at over the LAN and so your port forwarding on the WAN was directing you to the correct server.

    You could try creating a rule in Netbalancer to send all traffic destined for your Public IP from your LAN out your Gateway. This might have the traffic return to the WAN side and be forwarded correctly.



    How are you accessing your LAN server now?

    I too have the web servers on the LAN and I simply set up DNS on ZS so when if punch in ‘’ from the LAN it resolves to, same as if I did it fro the WAN and NAT resolved to the same ID.

    Sounds like you do not need NAT, and that is not really a task for NAT at all. It would be if you wanted to access port 80 and be redirected to port 8088 for example…


Viewing 5 posts - 1 through 5 (of 5 total)
  • You must be logged in to reply to this topic.