Dual Wan Nat Outbound pfsense 2.7 stopped working
-
Hello,
I have a setup where the pfSense is connected to two WANs (each on its own interface).
I have several services (SMTP, HTTP), that are NATed to internal hosts.
In pfsense 2.6, when the connection came from the secondary WAN it would go out through the same interface.
But since I upgraded to version 2.7, the packets always go out through the main WAN interface, causing the connection not to work.I didn't change any configuration after the upgrade.
I'm using Automatic outbound NAT mode.Can you help troubleshoot this or provide insight on what may have to be changed?
Thanks in advance.
-
@gmadeira said in Dual Wan Nat Outbound pfsense 2.7 stopped working:
I have several services (SMTP, HTTP), that are NATed to internal hosts.
Ensure that there is a firewall pass rule on the respective WAN interface matching the incoming traffic. E.g. if you select "associated filter rule" in the NAT rule, a proper rule is created.
However, also ensure that there is no pass rule on an interface group or a floating rule matching the forwarded incoming traffic.
If you're unsure that the proper interface rule matches, enable the logging in all pass rules and check the firewall log after connection attempt.
Basically this behavior didn't change in 2.7 though.
-
@viragomann , thank you.
It was indeed a floating firewall rule that was causing the problem.
After disabling it, all is working as expected again.