Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Not sure about actual NAT behavoir

    Scheduled Pinned Locked Moved CE 2.7.0 Development Snapshots (Retired)
    5 Posts 2 Posters 664 Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • L
      louis2
      last edited by

      Hello,

      I use pfSense as router and a FritzBox behind pfSense for WIFI and Voice. For that I have to NAT packages. I do not manage to get it working and do not understand why.

      However, I noted that:

      • I have crash reports ^strstr() expects at least 2 parameters^ as reported a week ago
      • and I now also discovered that configuring that some portforward rules do not look the way they are configured.

      Example

      0a9e3ad4-c877-4a91-a471-554bcdb3d4eb-image.png

      In the ^old^ picture above you see that the field ^Dest. Ports^ and the field ^NAT ports^ are both populated with ^VoIP_ports^.

      If I define the same rule the same way in the actual version, the config seems different ....

      54b98769-9ca9-42db-950b-eeaae12932d0-image.png

      Despite the fact that the rule was configured the same way, the field ^NAT ports^ fields shows "any" ...

      And what is more ..... the old config did work in the past ..... where the new config ..... does not

      1 Reply Last reply Reply Quote 0
      • stephenw10S
        stephenw10 Netgate Administrator
        last edited by stephenw10

        How did you create the rule? I can't replicate that it works as expected for me using:

        Firewall_NAT_Port_Forward_Edit.png

        Results in:
        Screenshot from 2022-05-06 16-33-52.png

        Steve

        1 Reply Last reply Reply Quote 0
        • stephenw10S
          stephenw10 Netgate Administrator
          last edited by

          And omitting the target ports fails the input validation as expected.

          1 Reply Last reply Reply Quote 0
          • L
            louis2
            last edited by

            Here what I seen using the latest snapshot release

            f09ecdd5-e2a5-4a1d-aba8-84136e926e5e-image.png

            ad71fbc4-5fc9-42ca-877f-007f811fe2b1-image.png

            And if I also fill the to port field, it is the same

            5ab20e07-1407-4794-bfea-a7e949cfc489-image.png

            2ff0b8d0-51a3-4048-b961-91d9a373e86f-image.png

            and if I remove the advance source input criteria .....
            again the same "Nat Ports fields" stay any .....

            1 Reply Last reply Reply Quote 0
            • stephenw10S
              stephenw10 Netgate Administrator
              last edited by

              Oh, I think it's because I'm testing a private snapshot and this has already been fixed:
              https://redmine.pfsense.org/issues/13126

              1 Reply Last reply Reply Quote 0
              • First post
                Last post
              Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.