• Disable/enable nat 1:1 from cli.

    2
    0 Votes
    2 Posts
    254 Views
    gilbertonunes33G

    Perhaps using pfctl or something??
    Need some help in this issue. Thanks.

  • UDP packets randomly natted to wrong ip address

    6
    0 Votes
    6 Posts
    494 Views
  • Port forward worked before Public IP change

    1
    0 Votes
    1 Posts
    218 Views
    No one has replied
  • Nat mapping too much to cause leak ?

    3
    0 Votes
    3 Posts
    401 Views
    D

    @viragomann Thanks for the explanation. appreciated.

  • multiple WAN IP SNAT after port forward

    5
    0 Votes
    5 Posts
    462 Views
    G

    @derelict thanks a lot

  • VLAN to LAN to remote?

    2
    0 Votes
    2 Posts
    319 Views
    V

    @summer
    Best way to do is to add the VLAN to the remote OpenVPN settings to add the route, but if I understand you correctly, that's not an option for you.

    So yes, you can go with masquerading. Rules can be added on the outbound NAT tab.
    If the outbound NAT is still working in automatic mode switch to hybrid first and press save.
    Then add a new rule with settings like these:
    interface: <the VPN interface>
    source: select 'network' and enter the alias you've set for the permitted clients
    destination: <the remote LAN>
    translation: interface address

    This presumes that the tunnel subnet is routed to the VPN endpoint on the remote site (that it's the default gateway). Otherwise you may use any unused IP out of the LAN subnet.

    Also ensure that there is a firewall rule in place on the VLAN which allows the traffic to the remote LAN.

  • VOIP security with AVM Fritzbox

    1
    0 Votes
    1 Posts
    289 Views
    No one has replied
  • RTSP and NAT

    2
    1 Votes
    2 Posts
    1k Views
    E

    @pkx232c

    I think that pfSense do no spoof the RTCP traffic and do not define a NAT nor a port forwarding.

    What needed is a spoofing the RTCP traffic and setup and NAT or forwarding for the "client_port" in the RTCP-SETUP message. As i have seen, other firewall do this.

    I have found the same tool (designed for OPNSense) and i hope for a solution on pfSense!

  • DNAT for RTSP (RTCP) not working

    1
    1 Votes
    1 Posts
    376 Views
    No one has replied
  • Port forward throgh vpn

    17
    0 Votes
    17 Posts
    2k Views
    A

    @viragomann thanks a lot for helping out

  • Not able to route through non-default WAN

    3
    0 Votes
    3 Posts
    721 Views
    OceanwatcherO

    @serbus Just saw the latest video from Tom Lawrence and it seems to be a bug in the software we are using. So the solution will be to roll back.

  • port forward 80 not working

    2
    0 Votes
    2 Posts
    336 Views
    G

    I remember doing the upgrade 15.03.2021 from

    2.4.5-RELEASE-p1 (amd64) built on Tue Jun 02 17:51:17 EDT 2020 FreeBSD 11.3-STABLE

    to

    2.5.0-RELEASE (amd64) built on Tue Feb 16 08:56:29 EST 2021 FreeBSD 12.2-STABLE

    Before that, however, I made a backup of the whole image. Now I have restored pfsense from backup and everything works. Now I'm afraid to upgrade because it will go wrong again.

    There will probably be a bug in version 2.5.0

  • Replies blocked for port forward outside default route

    1
    0 Votes
    1 Posts
    270 Views
    No one has replied
  • Wireguard Port forwarding to second PfSense

    1
    0 Votes
    1 Posts
    401 Views
    No one has replied
  • Forwarding HTTP(S) traffic to transparent proxy

    1
    0 Votes
    1 Posts
    181 Views
    No one has replied
  • NAT Port Forward Trouble with 21.02

    1
    0 Votes
    1 Posts
    282 Views
    No one has replied
  • NAT for multi web servers

    10
    0 Votes
    10 Posts
    909 Views
    johnpozJ

    Like I said if the health check that its doing doesn't work for whatever reason - it thinks the backend is down, then yeah you get a 503..

    I never went into looking any deeper to why say the http check doesn't work for ombi service for example.. Because I only have 1 server, there is little need to actually know if its up or not for loadsharing, etc.

  • Setting up an alias.

    6
    0 Votes
    6 Posts
    516 Views
    A

    Hello.

    I think the OP asked for specifically an "allow list" at firewall level additionnaly to the win SFTP server whitelist.
    Then it means to me he want to know how best to make an alias in pfSense with multiple IP that are already whitelisted SFTP side.

    @Smoothrunnings If you want/can do it manually, you set up an alias with CIDR adresses as you want (either /32, or whateever mask you need, sometimes a whole subnet is preferable, sometimes not depending on your case).
    Or if you want to automate it, you can use URL aliases (URL link to an automated generated text file with all IP/CIDR in it, generated by SFP server or something and made accessible trough a internal/minimal web server for exemple)
    You can check here the full doc as they are more possibilities :
    https://docs.netgate.com/pfsense/en/latest/firewall/aliases.html

    And when your Aliases are ready, you just need to specify them in "Source address" for your port forward rules to the SFTP server.

  • SIP/VoiP issue

    1
    0 Votes
    1 Posts
    370 Views
    No one has replied
  • DMZ NAT LAN WAN

    1
    0 Votes
    1 Posts
    274 Views
    No one has replied
Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.