• Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login
Netgate Discussion Forum
  • Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login

Port forward NAT + accessing NATed Services

NAT
2
7
2.8k
Loading More Posts
  • Oldest to Newest
  • Newest to Oldest
  • Most Votes
Reply
  • Reply as topic
Log in to reply
This topic has been deleted. Only users with topic management privileges can see it.
  • J
    jan.gestre
    last edited by Sep 22, 2006, 3:03 PM

    i used port forward NAT in my DMZ coz i have no luck making 1:1 NAT to work and i have read that there is a workaround accessing NATed services within the LAN, so i enabled the NAT reflection in the advanced page however i still can't view the NATed services using its hostname or public ip, so i added in the dns forwarder page the override for the said services and now i'm able to access it via its hostname/public ip, my question is, am i doing it right? is this how it is suppose to be?

    TIA

    1 Reply Last reply Reply Quote 0
    • H
      hoba
      last edited by Sep 22, 2006, 11:16 PM

      You have set up split DNS. This is one possible solution. However natreflection with portforwards should have worked as well if set up correctly. I'm using natreflection to access hosts with portforwards to the DMZ from LAN at the office without issues.

      1 Reply Last reply Reply Quote 0
      • J
        jan.gestre
        last edited by Sep 23, 2006, 2:32 PM

        so my configuration is ok? i have another question though regarding 1:1 NAT, why is it that i having problem with 1:1 setup, i can only access one of the website but not the other website we are hosting and the webmail interface of our mail server although i have configured a dns forwarder override for it.?

        1 Reply Last reply Reply Quote 0
        • H
          hoba
          last edited by Sep 23, 2006, 8:21 PM

          1:1 NAT doesn't work for nat reflection but it should work with split dns. When you say it doesn't work, do you mean for connections coming from WAN to your host ot from lan?

          1 Reply Last reply Reply Quote 0
          • J
            jan.gestre
            last edited by Sep 26, 2006, 4:53 PM

            i can only access via its NATed ip within the LAN, while i can only see one website from outside LAN while the webmail and another website is not accessible. any ideas why?

            1 Reply Last reply Reply Quote 0
            • J
              jan.gestre
              last edited by Sep 26, 2006, 5:19 PM

              my 1:1 NAT is working already, it seems odd coz i just followed the documentation on monowall, dunno why it doesn't work outright, i happened to browse the archive and saw one thread regarding issues with 1:1 NAT, his solution was to add a VIP, and whooalla it's now working for me, i also removed the entries in the DNS forwarding page for my port forwarding configuration, my pfsense configuration is now a combo of port forward and 1:1 NAT, thanks for your pointers hoba, you're a great help :)

              1 Reply Last reply Reply Quote 0
              • H
                hoba
                last edited by Sep 26, 2006, 7:19 PM

                You always need a VIP to make use of additional IPs on an interface. It won't work without. This is something that is different from m0n0.

                1 Reply Last reply Reply Quote 0
                4 out of 7
                • First post
                  4/7
                  Last post
                Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.