Reflection just won't work.

hoba

The more I look at your otbound NAT config the more I am puzzled. I think you don't need it at all. Try disabling AON again and retest. There is nothing in there that is not handled by the default natting that is present when AON is disabled. Well, there are even some things missing in your manual outbound nat configuration I think.

BVZVC

I need the outbound NAT because I the LAN to only go out on WAN_CABLE

hoba

No, wrong. Only firewallrules determine what goes out which wan. Outbound nat only specifies wether the traffic is natted or not.

BVZVC

Switched to Automatic outbound NAT.

Exact same scenario.

hoba

Try diagnostics>states, reset states. Then retest nat reflection.

BVZVC

Still a no go. Does this have to do with the MultiWAN?

hoba

I have 3 wans and 6 internal subnets at the office with a CARP setup and even vlanned. Reflection is working just fine. Don' know why it's not working for you. I'm out of ideas  ???

BVZVC

I've even re-installed pfSense

cmb

If you're using 1:1 NAT, reflection won't work, but that doesn't appear to be the case. It also doesn't work for ranges of more than 500 ports, but you don't have that either.  Do you see anything relevant in the system log?

BVZVC

nothing gets blocked.