PFSense 2.1 Release - NAT Reflection not working
-
Exactly the way I normally handle remote support to external clients.
@Daniel.Rollins:
I would be open to using teamviewer or similar to provide access while I watch but I can't just hand out passwords for remote access, especially to people I don't actually know.
-
It would be sort of hard to pull a fast one with someone watching every move unless they didn't know anything about the box at all. :P
-
Depending on the setup…. :)
I dont think it would be that timeconsuming. Maybe a couple of hours maximum.
-
When would you be available to do a Team Viewer session and try to figure this out?
-
What part of the world are you in Daniel?
-
Utah (Mountain Time) Currently UTC-6.
-
Perfect. Catch you on PM.
-
Problem solved!
-
I'm dying with curiosity - What was the problem?
-
On the LAN interface configuration under Static IPV4 Configuration, the gateway should be set as none but I had it set to an internal address on my network. I guess it confused PFSense or something. The fix was to set the gateway back to "none".
Thanks to Supermule for solving that one!
-
Really? I never would have guessed:
Second page of thread, halfway down:
"I've seen that gateways have been renamed or changed mysteriously upon upgrade by some.
In one case it just killed his RRD data.In another case the gateway inserted its self into the openvpn and WAN firewall rules.
Could some sort of gateway rename/change/insertion have happened to you?
I'm reaching…"
haha - But yeah. I think supermule would have known it anyway.
I'm going to put the words "please ignore this" at the bottom of all my posts from now on. ;D
-
It was a pleasure working with Daniel and nice to meet a fellow pfsense'r!! :)
-
Really? I never would have guessed:
Second page of thread, halfway down:
"I've seen that gateways have been renamed or changed mysteriously upon upgrade by some.
In one case it just killed his RRD data.In another case the gateway inserted its self into the openvpn and WAN firewall rules.
Could some sort of gateway rename/change/insertion have happened to you?
I'm reaching…"
haha - But yeah. I think supermule would have known it anyway.
I'm going to put the words "please ignore this" at the bottom of all my posts from now on. ;D
Well, the difference is that it didn't somehow change during an upgrade or something, I set it that way thinking that was the way it was supposed to be set. I did pay attention to the above statement but when I checked the gateways everything was as I set it.
-
Haha - Just giving you minor crap…
I can see that happening. Just yesterday I didn't think I could effectively run several websites off my one IP and kurianoftheborge (or something like that) set me straight. (At least I think so - haven't tried it yet).
-
Why cant you do that? Its either controlled through pfsense or the webserver delivering the sites :)
-
I'm not a website admin guy so yeah - Lets just say its new info to me. I've not ever had a need for a reverse proxy, but if I did, clearly that would save me some $$$.
-
Its only needed if you deliver sites to different servers. If you have only one webserver with multiple sites, its fine with one ext. ip.
-
Well - As of yesterday I understand it it fine, but the day before that I didn't know that a reverse proxy could work with HTTPS like that. Every day its something new…
-
Hi all,
I would like to ask a question. When enabling the NAT Reflection mode for port forwards to NAT+proxy in pfsense 2.1 stable, does it break the ftp proxy helper? I am trying to login through ftp to a device (from outside my network) with passive mode, with only port 21 forwarded to the IP of the device on lan (outside port is 57483) , but i get error on passive mode on filezilla client, like the many errors i have found for the ftp problems in posts on this forum. The problem is that the nat helper does not automatically configure the range for passive transfers, so i should disable the helper and forward a range of ports, but i would prefer this done automatically.
Thank you.
-
Hi all! I have same trouble, but my lan gw is already none.
Simple config, i have two int WAN and LAN, pfsense is VM, 64bit.NAT:
WAN TCP * * WAN address 15555 10.20.0.253 15555Firewall:
IPv4 TCP * * 10.20.0.253 15555 * none NATPortforward not working.