What you're looking for is under "System -> Advanced", labeled "Disable NAT Reflection". Uncheck this box, save, and pfsense will automatically create rules to redirect traffic back to localhost hosts when accessed by the external IP. pfsense uses netcat for this, however, unlike Linux and iptables (which can handle this without funky rules), and there's a 20 second timeout on connections with no activity. So, if you're doing ssh, you'll have to send keep-alive's to avoid being disconnected.
Cheers, Adrian ----- Original Message ----- From: "Johan Gunnarsson" <[EMAIL PROTECTED]> To: [email protected] Sent: Tuesday, June 3, 2008 7:28:58 AM GMT -05:00 US/Canada Eastern Subject: [pfSense-discussion] Port forward back from internal network I have port forwarding set up on my pfsense box to acess an imap-server on the network connected to my LAN interface. Everything works well when I'm using it from the outside: [EMAIL PROTECTED]:~$ telnet mail.example.com 143 Trying 1.2.3.4... Connected to pfsense.example.com. Escape character is '^]'. * OK Dovecot ready. However some of my applications running on machines on the internal network need to access the imap server using the outside hostname and this does not work. pfSense does not seem to understand that traffic with the destination address of the WAN interface originating from the network connected to the LAN interface should be port forwarded in the same way as connections from the outside. What is the *right* way to solve this? Right now i just use an entry in the hosts file to make the connections go directly to the internal ip but that's not the solution I'm looking for. -- Med vänliga hälsningar / Regards Johan Gunnarsson Xcerion AB Xcerion AB Drottninggatan 33 Direct: +46 709-45 08 57 Box 569 Office: +46 13-21 44 00 SE-581 07 Linköping xcerion.com <http://www.xcerion.com> [EMAIL PROTECTED] <mailto:[EMAIL PROTECTED]> Please note that this message may contain confidential information. Unless explicitly so designated this e-mail does not constitute a contract offer, a contract amendment, or an acceptance of a contract offer. The views expressed in this email may not be the policy or view of Xcerion AB.
