• Conflict between VoIP and online gaming

    3
    0 Votes
    3 Posts
    553 Views
    snitemS

    @viragomann Thanks, I adjusted the source address and mask to match my VoIP setup and now everything works!

  • 0 Votes
    1 Posts
    197 Views
    No one has replied
  • NAT to cable modem admin UI needs to come from same subnet

    4
    0 Votes
    4 Posts
    744 Views
    S

    TL,DR ;) but it looks like there are some suggestions. Netgate has a recipe page for this : https://docs.netgate.com/pfsense/en/latest/recipes/modem-access.html

    I’ve never had to do anything for AT&T or Comcast modems, it “just works.”

  • Need help troubleshooting NAT rules please

    5
    0 Votes
    5 Posts
    502 Views
    J

    @Brianrl-0 said in Need help troubleshooting NAT rules please:

    Thanks for the info. Unfortunately, a VPN is not an option. Do the rules look good?

    You have pfSense... how could a VPN NOT be an option?? It's built in. Use it.
    As for the rules, no one can actually say if they're correct because you redacted the private IP's... Why? No need to obscure private IP's.
    But all the redacted should be the IP of the server itself. If that's the case, then yes, they are correct.

  • pfSense NAT rule to another pfSense

    12
    0 Votes
    12 Posts
    947 Views
    L

    @viragomann Thanks for the clarification.
    b8c9a9a8-d92d-4680-a378-b476b940536a-image.png

  • Plex with OpenVPN

    6
    0 Votes
    6 Posts
    1k Views
    G

    @mathais Have you looked into using a solution like Tailscale to make this work? It should be able to traverse your VPN regardless of how NordVPN has it set up...

    Setting up what Tailscale calls a "subnet router" in your network and changing your Plex settings to work with webview through this server... obviously you need to run tailscale clients on your devices that want to access your Plex server.
    https://community.umbrel.com/t/how-to-run-plex-through-tailscale/14595

  • IP unit without default gw - nat/portforward/…?

    4
    0 Votes
    4 Posts
    426 Views
    rmathisenR

    Thanks a lot for the help @JOHNPOZ, now I got it working :-)

  • Need help - verifone credit card machine

    2
    0 Votes
    2 Posts
    532 Views
    GertjanG

    @vada123 said in Need help - verifone credit card machine:

    It fails immediately, which indicates to me that it is being blocked somehow.

    Or : traffic never reaches pfSense.

    @vada123 said in Need help - verifone credit card machine:

    I have looked through the firewall logs and there are no entries for the ip of the PC or the verifone

    Get back to the default state of the credit card reader : it's probably "DHCP".
    Power down PC and credit card reader.
    Now : look at the pfSense Status > System Logs > DHCP log page.
    Start up your PC, credit card reader etc.
    You should see lines like this :

    7bdf357c-df4e-4055-b0ca-104f775fdbc9-image.png

    where the MAC is the MAC of the device you've switched on.
    "igc1" is the interface on which pfSense received the DHCP request. This is the interface on which a pfSense DHCP server should be running.
    Remember : at this stage the device hasn't an IP yet.
    These DHCP packages are not fire-walled (if you have a DHCP server set up - on LAN, by default, you have one).

    So : again : traffic reaches pfSense ?

  • how to configure OpenWRT router after pfsense box?

    Moved
    4
    1 Votes
    4 Posts
    1k Views
    buggzB

    Thanks for all the replies!

    I have FINALLY gotten one of my OpenWRT devices to work.
    Now to replicate to other devices.
    I am finding my problem is from tinkering with too many things at once.

  • Trouble with nat/portforward/(maybe)vlan to game servers

    2
    0 Votes
    2 Posts
    457 Views
    I

    I didn't change anything and today went to sanity check some things. Tried logging into the servers to see if pfsense had any logs relating to it and they both just work now?? Anyone know why?? I'm very confused :/

  • It works now??? Anyone know why?

    1
    0 Votes
    1 Posts
    170 Views
    No one has replied
  • Port forwarding to OpenVPN tunnel

    7
    0 Votes
    7 Posts
    2k Views
    T

    @viragomann
    oh yes, good point. I was confused by the fact that many times the NAT device is also the default gateway, so the masquerade is not needed. But it is not my case with openvpn.

    Many thanks again for explanation and support.

  • 1:1 Nat only works in one direction

    3
    0 Votes
    3 Posts
    374 Views
    S

    @milonic Did you mean to use 10.1.1.1/24 for the VIP?

  • As of 2.7 explicit rule needed for reply packets from inbound NAT?

    1
    0 Votes
    1 Posts
    137 Views
    No one has replied
  • How do port forward negations work with 1:1 NAT?

    6
    0 Votes
    6 Posts
    545 Views
    DerelictD

    @senseivita Still no way to know why you are experiencing issues looking at that rule set. With the 1:1 in place you need to pass the desired inbound traffic to 10.7.0.229 and 10.16.0.35. Like I said, port forwards, by default, make this rule for you. 1:1 NAT does not.

  • GRE Tunnel possible NAT setup

    2
    0 Votes
    2 Posts
    534 Views
    A

    Fix to Issue

    Issue was NAT was being applied to local LAN and remote LAN which need to be removed.
    This is automatically created with pfSense by default.
    Disabled NAT under Firewall>NAT> Outbound change to Manual Outbound NAT rule generation. (AON - Advanced Outbound NAT)
    Then select the NAT Rules to disable for Tunnel Interface for local LAN and remote LAN, then click on Toggle button to disable rules.
    Done

  • Port Forward 80 Webserver

    26
    0 Votes
    26 Posts
    3k Views
    S

    I have been doing a little more digging and the issues I am facing seams to be common with the 2.7.2 release. There's loots of threads over on redit so I'm convinced that SOMETHING has changed within this release because NOTHING about or with my setup has changed.

  • NAT Problems

    3
    0 Votes
    3 Posts
    326 Views
    S

    @viragomann
    Thanks a lot!

  • 0 Votes
    4 Posts
    451 Views
    V

    @louis2 said in 1:1 NAT reflection to replace splict DNS as solution to reach my own public servers from the LAN:

    However since DNS query's are more and more hidden in HTTPS, Split DNS solutions do not work any longer. So I need a different solution, which might simplify things as well.

    You should better care, that the local devices use your local DNS instead.
    Normally you can configure web browsers to not use DoH, but the system DNS resolver.
    And for the hard cores, there are lists with DoH servers in the internet, which you can use to block it.

    option: System > Advanced on the Firewall & NAT Enable automatic outbound NAT for Reflection
    I combination with some rules in "Firewall NAT1:1"

    This should also enable internal devices accessing your public IPs without additional NAT rules.
    But remember, this is only NAT as well.

    When a packet is arriving via the WAN, the WAN has a couple of rules to allow / to block / to NAT.

    When using NAT 1:1, you have to additionally configure the necessary firewall rules on WAN and on the internal interface. The NAT rules don't pass any traffic on their own.

  • 2 WAN interfaces toubleshooting on Azure

    4
    0 Votes
    4 Posts
    364 Views
    V

    @ddave421
    Yes, this one.
    But this ist Just an additional IP on the NIC.

Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.