KOM,

Perfect.

Thanks,

~eric

@cceraja:

Hello Derelict,

I agree that it may not be a standard way. But still when a feature is there why not exploit it?

Look at the advantage it has… You don't need additional switches and additional nic for subnets.

Regards,
Raja

That's not a feature, it's an undefined configuration that is highly recommended against. Kind of like people using a high or low IP address of a subnet. It can work in some setups, but expect strange stuff to happen.

Many thanks for your reply,

Ok with the manual outbound nat enabled and the rule of SNAT I reach
perfectly the server on port 81 from the outside

However, though the subnet 192.168.2.x / 24 does not reach server 192.168.1.200 on port 80.
Instead, if I enable automatic outbound nat perfectly reach the server 192.168.1.200 on port 80 but not the server 192.168.10.230 on port 81.

I forget what?

thanks again

We upgraded to 2.1.5.
If I am right there was something about that in the version-info.
With the new version it works because they changed things in the behavior on CARP failover regarding to deleting states.

Best regards
Patrick

1.  If you have Auto NAT Rule generation on, which it is by default I believe, then the required rule should be created.

2.  If you have Manual enabled before you created your port forward then you will have to create the firewall rule.

I had an issue like this where I had to ensure VoIP packets leaving WAN had to be within a specified port range.  I think I just had to create the WAN rule and that was it.  I'll check in the morning.

THANKS A LOT!!!!

really I'm very happy to have always answers from someone, so this is one reason more to install pfsense and to know any problems
u can ask in forum and someone is ready to help u.

bye and again thanks.

roberto

Yeah, that's how much I understood of it as way.

I just don't understand why that "default route" is nowhere to be seen in the GUI. That made it so much more harder to understand what's happening.

Thanks for the explanation though

It worked right up to the moment I added the pfsense box. So I knew it's not the ISP. Its a setting blocking it somewhere. I'll just have to keep poking around.

Thanks,
Rick

For a reason that I don't know, NAT reflection was disabled. When I enabled it, the Outbound rules came back.

Why?

From pfSense side that all looks good.
Are there settings in TeamSpeak that would restrict it to responding only to connects from local LAN IPs? Or some subnet of "all"?

Set up the interface as the modem's vlan. Can't get the rule to fire up if it's not listening on the right interface.

@Wolf666:

Should be:

port forwarding
WAN  TCP  *  *  WAN address  8888  192.168.0.100  80

With firewall rule on WAN tab:
IPv4 TCP  *  *  192.168.0.100  80  *  none

The firewall rule did it.  That seems kind of weird how you have to do that.  Dest 192.168.0.100 dest port 80.

Makes me feel like I'm opening up port 80 to the world, even though I'm not.  So I just did some testing, it seems like the rule only needs to be written like that if your doing port redirection.

Just before I read this I was looking in the logs, and saw it blocking my public source, with destination of 192.168.0.100:80.

Thanks for the help!

You would have to BINAT on both sites.

Can this diagram be used to describe what you're wanting to do?

https://forum.pfsense.org/index.php?topic=82732.0