1:1 NAT pfsense or opnsense proxmox Hetzner

For the past few months, I been trying to learn how to do 1:1 Nat. Like it's say to do Here [login to view URL] I have readed each day to learn it. I have been going in circles with it and not able to do it. At this time I have a new install of pfsense. With my Virtual IP's put in. My DDNS is set up and is green. I have a pfsense set on port 440. I have my DNS port set. Have a test VM for this setup because I have read that I have to set things up in the VM to take the subnet. I have a cp of my interfaces file that is shown in this post as interfaces.backup. At this time I am using a interfaces file from one of the links that is posted. Have a few rules set. Now I do not want you to do all the subnet's Like I posted. I want one or 2 set up I can look at and LEARN from because I want to know how it works. The goal is to be able to 1:1 NATIn order to be able to reach our internal clients now also from the Internet, we still have to configure the 1:1 NAT from subnets [login to view URL] what info would you like. let me know what you would like and we will go from there because it's something you may have used the ip's to login to see for yourself. Here are some other guides I have been reading and they have help me to get to where I'm at now [login to view URL] [login to view URL] [login to view URL] Here is my interfaces file auto lo iface lo inet loopback iface lo inet6 loopback # device: eno1 iface eno1 inet static address 95.aaa.aa.14 gateway: 95.aaa.aa.1 netmask: [login to view URL] broadcast: 95.aaa.aa.63 up route add -net 95.aaa.aa.0 netmask [login to view URL] gw 95.aaa.aa.1 eno1 iface eno1 inet6 static address 2a01:zzz:zz:zzz::2 netmask 128 gateway fe80::1 auto vmbr0 iface vmbr0 inet static # WAN Interface address 95.aaa.aa.14 netmask [login to view URL] pointopoint 95.aaa.aa.1 gateway 95.aaa.aa.1 broadcast 95.aaa.aa.63 bridge_ports eno1 bridge_stp off bridge_fd 0 # Route an eventually ipv4 subnet (!NOTE: in hetzner an ipv4 /29 subnet when routed is completely usable) up route add 95.xxx.xxx.184/32 dev vmbr0 up route add 95.xxx.xxx.185/32 dev vmbr0 up route add 95.xxx.xxx.186/32 dev vmbr0 up route add 95.xxx.xxx.187/32 dev vmbr0 up route add 95.xxx.xxx.188/32 dev vmbr0 up route add 95.xxx.xxx.189/32 dev vmbr0 up route add 95.xxx.xxx.190/32 dev vmbr0 up route add 95.xxx.xxx.191/32 dev vmbr0 # Says the host where the answer for subnet behind pfsense should be routed #up ip route add [login to view URL] via [login to view URL] dev vmbr0 #(the ip of via have to be the pfsense ipv4 WAN ip) up ip route add [login to view URL] via 95.bbb.bb.218 dev vmbr0 up ip route add [login to view URL] via 95.bbb.bb.218 dev vmbr0 up ip route add [login to view URL] via [login to view URL] dev vmbr0 iface vmbr0 inet6 static address 2a01:4f9:4a:1bb0::2 netmask 64 # Metric 1 because kernel set up a ipv6 route send the /64 subnet over (::) no next hop up ip -6 route add 2a01:zzz:zz:zzzz::/64 via 2a01:zzz:zz:zzzz::3 dev vmbr0 metric 1 auto vmbr1 iface vmbr1 inet manual # LAN INTERFACE bridge_ports none bridge_stp off bridge_fd 0 Here is all the IP's from Hetzner. [login to view URL] <------------Main IP <------proxmox Gateway: 95.aaa.aa.1 Netmask: [login to view URL] Broadcast: 95.aaa.aa.63 95.bbb.bb.218 <--------additonal IP <---pfsense Gateway: 95.bbb.bb.217 Netmask: [login to view URL] Broadcast: 95.bbb.bb.223 Separate MAC: 00:00:00:00:00:7F 2a01:zzzz:zz:zzzz:: / 64 <--Main ipv6 Gateway: fe80::1 Netmask: ffff:ffff:ffff:ffff:: Subnet IP: 95.xxx.xxx.184 thur 95.xxx.xxx.191 Gateway: 95.aaa.aa.14 Netmask: [login to view URL] Broadcast: 95.xxx.xxx.191