1:1 NAT on new setup not working

hippymill

My pfsense died a few day ago, and I had to configure a new setup.  I have a /29 block of static IP's from my ISP.  I use one of these on my firewall WAN, and need to nat one address into the network.  I have this set up exactly as I had it before(I think), but it does not work.  I attached pics of the appropriate screens. I get no traffic to pass, and no logging on any firewall rules attached to the nat address. need some help.  thanks

chpalmer

Looks right.

Try changing your virtual IP to alias…

Other should be fine but the change may jar things...

http://doc.pfsense.org/index.php?title=What_are_Virtual_IP_Addresses%3F

cmb

You most likely cannot use Other type VIPs on your WAN subnet, you'll have to have L2 responses, so PARP, CARP or IP Alias must be used.

chpalmer

@cmb:

You most likely cannot use Other type VIPs on your WAN subnet, you'll have to have L2 responses, so PARP, CARP or IP Alias must be used.

Yea- what he said! ;D

Thanks Chris!

(bows head)

hippymill

@chpalmer:

Looks right.

Try changing your virtual IP to alias…

Other should be fine but the change may jar things...

http://doc.pfsense.org/index.php?title=What_are_Virtual_IP_Addresses%3F

this did it.  Thanks.