Netgate Discussion Forum

    Multi-wan, Multi-lan, no load balancing or failover, port forwarding not working

      andydhamm

      Hey Guys! First off, thanks for the countless hours of effort put into the forums. It's been keeping me afloat…until now.

      I cannot for the life of me get port forwarding to work correctly from WAN2 to LAN2 (or even to LAN1, when LAN2 didn't exist).

      Network diagram is as follows:

      ISP----WAN1----\             /----LAN1(10.1.1.0/24)----Server 1
                      \           /
                       > PFSense <
                      /           \
      ISP----WAN2----/             \----LAN2(10.1.2.0/24)----Server 2

      NAT port forwarding policies have been created as follows:

      If    Proto  Source/Port  Dest. addr.   Dest. ports    NAT IP      NAT Ports
      WAN2  TCP    * *          WAN2 address  25 (SMTP)      10.1.2.242  25 (SMTP)
      WAN2  TCP    * *          WAN2 address  80 (HTTP)      10.1.2.242  80 (HTTP)
      WAN2  TCP    * *          WAN2 address  443 (HTTPS)    10.1.2.242  443 (HTTPS)
      WAN2  TCP    * *          WAN2 address  3389 (MS RDP)  10.1.2.242  3389 (MS RDP)

      *All policies have associated rules configured; below are the rules that were created by the NAT policies above

      WAN2 Rules

      Proto     Source/Port  Destination  Port           Gateway
      IPv4 TCP  * *          10.1.2.242   80 (HTTP)      WAN2_DHCP
      IPv4 TCP  * *          10.1.2.242   443 (HTTPS)    WAN2_DHCP
      IPv4 TCP  * *          10.1.2.242   3389 (MS RDP)  WAN2_DHCP
      IPv4 TCP  * *          10.1.2.242   25 (SMTP)      WAN2_DHCP

      **Remote desktop is only enabled as a quick way to test for connectivity
      ***All rules have the gateway configured as "WAN2_Gateway"

      LAN2 Rules

      Proto  Source     Port  Destination  Port  Gateway
      IPv4*  VLAN2 net  *     VLAN1 net    *     *
      IPv4*  *          *     *            *     WAN2_DHCP

      Notes:
      Both WAN interfaces are configured via DHCP
      The WAN interfaces are NOT in an interface group
      Sticky connections are turned off
      Reply-to is enabled in advanced settings as well as on every rule
      LAN2 is restricted to ONLY use WAN2 which IS working
      A nearly identical set of rules for WAN1 exists to a different host and those are working correctly
      Before LAN2 existed, I could make the NAT policies on either WAN1 or WAN2 work by making either WAN1_DHCP or WAN2_DHCP the default gateway. In other words, the NAT policies only work if the interface specified in them is made the default route

      Does anyone have any idea what I'm missing?
      Thanks in advance!
