Netgate Discussion Forum

    NAT filter rule association

      laeuchli

      Dear All,
      I have a question regarding NAT filter rules. I have inherited a system of VMs. One of the VMs is a pfsense server. Based on the incoming port of the request, it applies a NAT rule. This redirects to another set of pfsense servers, which filter the traffic to the correct VM. This is all to direct RDP to the right VM based on the initially provided port.

      When I connect from the subnet the pfsense server is in, the rules work correctly. However, we also have a public-facing IP. The external firewall of my institution (not under my control) forwards all traffic from this IP to the pfsense server. Now we come to the part I don't understand. If, in my main pfsense server NAT rules, I set NAT filter rule association to "none", then the rule works. If I set it to "pass", the rules fail to work for external connections; internal subnet connections work fine.

      I do not understand what the issue is. If I select pass, it should simply pass and the rdr phase should kick in, right? To me that seems more likely to work than selecting none, but none is what goes through.

      If you can, please help me understand why my fix works.
      Thanks
