Netgate Discussion Forum

    PFSense 2.1 Release - NAT Reflection not working

      Daniel.Rollins 0

      Yes, 64-bit. I also did another test and enabled the Windows 7 Simple TCP/IP Services so that I would get a "quote of the day" if I telnet to port 17, then set up a port-forward and enabled NAT reflection. I can get to that port from outside the network and from inside the network using the internal IP address, but still cannot get to it from inside via the external IP, so I know for sure the ISP has nothing to do with it. I also tried putting the Windows machine on the actual LAN subnet and tested again, but it still does not work (ruling out the router and additional subnets).

        kejianshi

        Please back up your settings, download the 32-bit version, install it, restore your settings and try all the same things again.
        This is an experiment.  I've encountered several recent examples of things working fine in 32-bit but not in 64-bit.
        Please humour me.

          Daniel.Rollins 0

          Tried 32-bit version, still did not work.

            kejianshi

            Well - that's good, for the 64-bit version anyway.

            I really don't know at this point.  Question.

            Can you post your firewall rules for the WAN and LAN?

            (Never mind - I'm an idiot.  I see them)

              kejianshi

              I've seen that gateways have been renamed or changed mysteriously upon upgrade by some.
              In one case it just killed his RRD data.

              In another case the gateway inserted itself into the OpenVPN and WAN firewall rules.

              Could some sort of gateway rename/change/insertion have happened to you?

              I'm reaching…

                Daniel.Rollins 0

                The gateways all seem to be OK. Is there a specific thing I should check? I had this problem before the upgrade as well and that was a new install.

                  kejianshi

                  As you said earlier, it may be a problem with the way you configured your DMZ.  I'm out of swags at this point.
                  That's the old Scientific Wild-Ass Guess
                  or in my case the Super Wild-Ass Guess

                  Not the new urban dictionary hijacked swag.

                    Supermule Banned

                    Is it possible to have remote access to the thing?

                      Daniel.Rollins 0

                      No, sorry.

                        kejianshi

                        You can use TeamViewer to remote in if it's installed on a connected computer.

                          Supermule Banned

                          It would be a lot easier to see what's wrong since I have NAT reflection here and it's working fine.

                            Daniel.Rollins 0

                            I would be open to using TeamViewer or similar to provide access while I watch, but I can't just hand out passwords for remote access, especially to people I don't actually know.

                              kejianshi

                              You should sit and watch and type all the passwords.  That's what is good about TeamViewer…  Otherwise I'd just suggest he SSH into your pfSense, proxy back a port and handle it via proxy, which is not smart for you unless you trust a lot.

                                Supermule Banned

                                Exactly the way I normally handle remote support to external clients.

                                @Daniel.Rollins:

                                I would be open to using TeamViewer or similar to provide access while I watch, but I can't just hand out passwords for remote access, especially to people I don't actually know.

                                  kejianshi

                                  It would be sort of hard to pull a fast one with someone watching every move unless they didn't know anything about the box at all. :P

                                    Supermule Banned

                                    Depending on the setup…. :)

                                    I don't think it would be that time-consuming. Maybe a couple of hours maximum.

                                      Daniel.Rollins 0

                                      When would you be available to do a Team Viewer session and try to figure this out?

                                        Supermule Banned

                                        What part of the world are you in, Daniel?

                                          Daniel.Rollins 0

                                          Utah (Mountain Time) Currently UTC-6.

                                            Supermule Banned

                                            Perfect. Catch you on PM.
