I started learning pfSense to run my small office network and found few information on pfSense in Japanese as it’s not popular here in Japan. I learned so much from Tom’s tutorials and really appreciated.
I use NAT port forward from WAN (PPPoE) with one fixed global IP to one of LAN interfaces as designated DMZ net (10.0.0.0/24) with private IPs, as server A for port 80/443 and server B for related mail ports (two separate servers for web and mail).
This is working so easy and smooth except Apache access log.
The Apache access log shows LAN (DMZ) gateway IP as source IP and each server IP as destination and doesn’t include original source IP after I noticed my Awstats did not capture access info correctly and also some of wordpress access count plug-ins.
I wonder if there is any way to include original source IP from pfSence box in the Apache log with NAT port forward or any other way to carry original source IP for logging purpose.
I used to use simple DMZ function comes with the consumer router provided by tel comm provider that forward all incoming access to single private IP and it carries original source IP and Apache did capture it in its log.
I searched articles in Japanese and English but I could not find clear answer except some discussions in English mentions negative results.
Any help or information will be greatly appreciated.