On Tue, Jul 22, 2008 at 1:02 AM, Beat Siegenthaler <[EMAIL PROTECTED]> wrote:
> Chris Buechler wrote:
>
>>
>> How is your outbound NAT configured? Even static port won't rewrite
>> the source ports to something incremental, it just retains whatever
>> the source port is.
>
> Automatic outbound NAT rule generation (IPsec passthrough)
> "Auto created rule for LAN" "Static Port NO"
>
> Port Forward:
> WAN TCP/UDP 53 (DNS) atom (ext.: x.y.z.b) 53 (DNS)

Strange, I'm on the 1.3 alpha snaps and am not seeing this behaviour
through my unpatched BIND instance (which tcpdump confirmed was using
the same source port and on the outside of pfsense was using what
appeared to be random ports). It's possible that this is fixed in the
PF import in FreeBSD 7.0, but I'm a little surprised. You might try
the 1.2.1 snaps and see if you have better results.

--Bill
