@GPz1100 said in Default Gateway:
From what I can gather, in pfSense, the closest thing to the masquerading equivalent is the default outbound NAT rules, while the "NAT" tab equivalent would be outbound NAT rules for SNAT or port forwarding for DNAT. Is this an accurate understanding?
Yes.
Under the NAT section in UTM, they have 2 tabs - masquerading and NAT.
NAT = Port Forwarding (= DNAT)
masquerading = Outbound NAT (= SNAT)
DNAT translates the Destination address in packets, while SNAT translates the Source address.
With respect to multiple gateways configured (i.e. WAN and WireGuard), any settings in the outbound NAT will not affect which gateway is used to egress that traffic. That is, NAT settings (as mentioned in the quote) only affect addresses. Which interface this traffic leaves on (from) is set entirely in the firewall rule of the original source interface said traffic came into the firewall on (LAN for example). Is this correct?
Which interface to be used for outbound traffic is a thing of routing.
Traffic which is entering pfSense on any interface can be policy routed by firewall rules. If you do not state a gateway in the rule, the traffic follows the default route, or static routes if you have added any (System > Routing).
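
The split described in the replies above, as a small Python model (an added example, not code from the thread or from pfSense; the rule classes, gateway names, interfaces and addresses are constructed assumptions). Firewall rules on the ingress interface choose the gateway, and outbound NAT rules only rewrite the source address on whichever interface routing has already picked.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional

# Constructed sample topology: one default route plus two named gateways.
ROUTES = [("0.0.0.0/0", "WAN")]                 # stands in for System > Routing
GATEWAY_IFACE = {"WAN_GW": "WAN", "WG_GW": "WG"}

@dataclass
class FwRule:                # evaluated on the interface the traffic enters on
    in_iface: str
    src: str
    gateway: Optional[str] = None   # None: follow the routing table

@dataclass
class OutboundNat:           # evaluated on the interface the traffic leaves on
    out_iface: str
    src: str
    translate_to: str

def in_net(addr, net):
    return ipaddress.ip_address(addr) in ipaddress.ip_network(net)

def egress_iface(in_iface, src, dst, fw_rules):
    """First matching pass rule decides: its gateway if set, else the longest-prefix route."""
    for rule in fw_rules:
        if rule.in_iface == in_iface and in_net(src, rule.src):
            if rule.gateway:
                return GATEWAY_IFACE[rule.gateway]
            routes = [(ipaddress.ip_network(n).prefixlen, i) for n, i in ROUTES if in_net(dst, n)]
            return max(routes)[1] if routes else None
    return None              # no pass rule matched: dropped by default deny

def forward(in_iface, src, dst, fw_rules, nat_rules):
    """Return (egress interface, source address on the wire), or None if dropped."""
    out = egress_iface(in_iface, src, dst, fw_rules)   # NAT rules are not consulted here
    if out is None:
        return None
    for nat in nat_rules:
        if nat.out_iface == out and in_net(src, nat.src):
            return out, nat.translate_to
    return out, src          # no outbound NAT rule on this interface: source unchanged

# Constructed rules: one host is policy routed to WireGuard, the rest use the default route.
FW = [FwRule("LAN", "192.168.1.50/32", gateway="WG_GW"), FwRule("LAN", "192.168.1.0/24")]
NAT_WAN_ONLY = [OutboundNat("WAN", "192.168.1.0/24", "203.0.113.10")]
NAT_BOTH = NAT_WAN_ONLY + [OutboundNat("WG", "192.168.1.0/24", "10.8.0.2")]

if __name__ == "__main__":
    for nat in (NAT_WAN_ONLY, NAT_BOTH):
        for host in ("192.168.1.20", "192.168.1.50"):
            print(host, "->", forward("LAN", host, "198.51.100.7", FW, nat))
```

With only the WAN NAT rule, the policy-routed host still leaves on WG but with its private source address, which is the case to check for when outbound NAT rules are maintained by hand.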