OpenBSD pf NAT question
I'm confused about how NAT is working. I currently have the following line:
match out on $ext_if from !(egress:network) to any nat-to $default_out
Which works. $default_out is one of the static IP addresses assigned to $ext_if.
However, I have certain systems that I want to go out of a different IP address (I have five statics). I tried this:
match out on $ext_if from 172.16.111.1 to any nat-to $static2
where $static2 is a different static address. After loading the ruleset, when I browse with 172.16.111.1, when I google "ip" it shows the address from $default_out.
I've tried adding the quick keyword to the $static2 NAT and moving it above the $default_out NAT but no beans.
Why isn't this working?
Is there another way I can NAT specific internal addresses to external addresses other than $default_out?
TIA
|