Thanks to all those that helped. It was changing the gateway to default that did the trick.
Ron. -----Original Message----- From: Evgeny Yurchenko [mailto:[email protected]] Sent: Tuesday, November 03, 2009 11:08 AM To: [email protected] Subject: Re: [pfSense Support] Sending traffic out a 2nd WAN interface Ron Lemon wrote: > Hi Chris and Keenan, > > It is still not working so this is exactly what I have. I don't usually > post all the live IPs but at this point I just need it to work. > > Windows 2K3 Server (no firewall) 10.0.3.1 > > This guy needs to receive LDAP and SMPT traffic from OPT1 Interface > > LAN Rules: > > Proto Source Port Dest Port GW > Sched > TCP * * 142.46.226.22 25 142.47.56.89 > TCP * * 142.46.226.24 389 142.47.56.89 > TCP * * 10.250.223.148 389 142.47.56.89 > * LAN net * * * * > > OPT1 Rules: > > TCP 142.46.226.24 * 10.0.3.1 389 142.47.56.89 > TCP 10.250.223.148 * 10.0.3.1 389 142.47.56.89 > TCP 142.46.226.22 * 10.0.3.1 25 142.47.56.89 > ICMP * * * * * > TCP 142.46.226.16 * LAN net * 142.47.56.89 > > > OPT1 is on a private network with ip of 142.47.56.90/28 with GW of > 142.47.56.89 > > >From a workstation I can successfully telnet out to 142.46.226.22:25 but I > cannot telnet to either of the 389 addresses > > When they try and telnet to me I do see traffic in my FW capture from them > on OPT1 for 389 but it never gets passed to the inside machine. > > This is driving me nuts and I am sure I am missing something simple, please > any help is appreciated. > > I do not think you need to specify gateway in OPT1 rules, make it default. Then, you have to set up port forward nat on OPT1, so traffic destined to 142.47.56.90:389 should be forwarded to 10.0.3.1. When you create this forwarding proper rules will be created automatically. If I understand your task correctly... --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected] Commercial support available - https://portal.pfsense.org --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected] Commercial support available - https://portal.pfsense.org
