Hi Guys

 

I have been running the embedded version of PFsense for a while now with the following configuration.

 

I have purchased new Wireless Internet Access from a company, and they provided me with a network point that I have plugged into the OPT1 port of my firewall.

 

The configuration is as follows.

 

LAN -> IP : 172.16.0.250 Gateway: 172.16.2.250

WAN -> Establishes the PPOE connection

OPT1 -> IP : 172.16.2.1 -> Gateway : Default

 

The wireless provider also provided me with an Public IP address and they are natting all traffic to my 172.16.2.1 IP address. From there I am natting SMTP and HTTPS to my internal server 172.16.0.1.

 

Now the issues is it was working for about a day, and after that no traffic would reach my server even though I could see that the firewall was allowing the traffic to pass through.

 

What I would like to know is how well does Pfsense handle double natting. I am not sure if I am missing any further configurations on my side to allow the traffic to pass through.

 

All firewall rules have been applied to instruct internal traffic going outbound to use the OPT1 interface, which works without any hassles. But I’m only have trouble with traffic coming in  through my OPT1 port.

 

I have now resorted to routing all traffic over my ADSL line until I can get the OPT1 interface to handle all inbound traffic.

 

I would like to keep the configuration the same, so that I can leave the ADSL on my WAN interface incase the Wireless link goes down.

 

 

 

Kind Regards

duncanwiggill

http://www.inetgrid.co.za/images/inetgrid/signature.gif

Disclaimer: iNETgrid does not accept responsibility or liability for the unauthorized use of its e-mail facility and/or the use of its e-mail facility other than for its own authorized business purposes.

Save for statements and/or opinions relating to bona fide company matters, iNETgrid denies responsibility or liability for the contents of this communication.

 


--
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.

Reply via email to