Hi again - we've reached what should hopefully be the final hurdle before getting our new dual pfSense boxes into service. This time it's NAT/port forwarding.
We had a few simple rules set up on the old system, which obviously work fine. On the new systems, we're not quite getting through. I have duplicated the list of NAT rules, so that there are similar rules for *both* public WAN addresses, and I've added the necessary firewall rules of course.
On testing this, I can see the connection in the logs, being passed by the firewall and sent to the correct internal destination. But we're not actually getting any response from the target host.
One question - should the external IPs be set to the *real* IP of the WAN/WAN2 interface, or the *virtual* IPs, as used for the outbound NAT? It doesn't seem possible to choose the virtuals in the GUI, but it works when hacking the config file directly.
Any ideas on diagnosing this one, and discovering at what point the incoming connection is 'stopping'?
Cheers
Alastair
SysAdmins Ltd
Cambridge, UK
Title: NAT/port forward not coping with CARP?
