PfSense NAT / port forward not working from Tailscale since update 23.01

Robovic

I'm having an issue with our network setup using the netgate 2100. We have been using this setup as a subnet router to access our remote systems on IPs 192.168.1.0/24. To avoid IP conflicts, we use 1:1 NAT on the LAN interface to convert IPs to 10.0.0.0/24, 10.0.0.1/24, etc.

However, we recently updated to PFSense version 23.01 from 22.05, and since then, we are experiencing problems with the 1:1 NAT when accessing from Tailscale. While the NAT works correctly when accessing from WAN or LAN, traffic from Tailscale does not get translated. It appears that the traffic originates from LAN and is not being translated and still trying to reach 10.0.xx network.

Here are the configurations that are working on PFSense 22.05 :

1. System → Routing → Gateways: Added a gateway with IP 192.168.1.1 on LAN interface.
2. System → Routing → Static Routes: Added a route with network 10.0.0.0/24 to gateway 192.168.1.1.
3. Firewall → NAT → 1:1: Added a mapping in LAN interface with external IP 10.0.0.0 and internal IP LAN net.
4. VPN → Tailscale → Settings → Added an advertised route 10.0.0.0/24.