PortForward NAT 1:1

artware · Dec 5, 2014, 9:34 PM

Helo, I have a little problem.
Last pfsens 2.1.5, with pptp, openvpn, proxy, everything is working, but I cannot resolv 1:1 nat and port forwarding
Configuration:
Pfsense:
wan IP (1.2.3.4) ____Lan IP 10.1.1.201 with gw 10.1.1.1

webserver:
lan 10.1.1.66 with gw 10.1.1.1

I can ping 10.1.1.66 from 10.1.1.201, and from wan like source
Portforward and nat1:1 is working only if I'm changing gw of 10.1.1.66 to 10.1.1.201

But i want to keek gw for both servers to 10.1.1.1 and portforward and nat1:1 is not working.
Help,please, any ideea?

KOM · Dec 5, 2014, 9:43 PM

I'm sorry but your description is a little confusing. What is at 10.1.1.1? Usually for your LAN devices, their gateway would be the pfSense LAN address of 10.1.1.201. If you want NAT to work via your 10.1.1.1 router then you're going to have to configure that device, whatever it is. Maybe I'm misunderstanding something.

artware · Dec 5, 2014, 9:47 PM

10.1.1.1 is main router, Cisco, router concentrator for 30VPN MPLS locations, is maintained by provider.

KOM · Dec 5, 2014, 9:50 PM

I believe that you must configure the Cisco to do your port forward if it's going to be the gateway.

artware · Dec 5, 2014, 9:57 PM

My Cisco is only for internal routes, and static route to internet, has no internet connection!

KOM · Dec 7, 2014, 12:18 AM

Do you have NAT Reflection enabled?

artware · Dec 9, 2014, 12:13 PM

Enable NAT Reflection for 1:1 NAT – enable/checked
Enable automatic outbound NAT for Reflection -- enable/checked

My main problem is portforwarding, NAT 1:1 is a second problem.

KOM · Dec 9, 2014, 2:57 PM

How are you validating your port forward? From pfSense WAN side or from Cisco LAN side? Does the Cisco know about the pfSense box and routes its Internet traffic through it?