Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Virtual IP in 2.2.3 doesn't seem to be working after upgrade

    Scheduled Pinned Locked Moved NAT
    3 Posts 3 Posters 681 Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • P
      pdrass
      last edited by

      2.2.3-RELEASE (amd64)
      Intel(R) Xeon(R) CPU X5650 @ 2.67GHz
      Current: 332 MHz, Max: 2660 MHz
      2 CPUs: 2 package(s) x 1 core(s)

      Just upgraded from 2.2.1 > 2.2.3

      It went pretty well BUT my virtual IP setup is working & not working.

      I had 5 vip's setup - those are ALL still working after the upgrade.  But when I add a new vip the exact same way I added the other 5 prior to the upgrade I can't get it to work.

      For example:

      vip:  7.7.7.6 > NATs to > 10.0.10.6:443

      When I go to https://7.7.7.6 > I get the PFSense web interface which is on 10.0.10.1.  It's supposed to logically go to 10.0.10.6 but doesn't!

      Any thoughts on this?

      My steps:

      Firewall > Virtual IPs > IP Alias is ticked > Add my IP:  7.7.7.6/27 > Save
      Firewall > NAT > + button at the bottom right > Interface = WAN > Protocol = TCP > Destination Type: Drop down to "7.7.7.6 (hostname.here) > Destination Port Range:  https to https > NAT Reflection = system default > Filter rule association = can't remember but I always let it auto generate one so it shows up as a firewall rule.
      Firewall > Rules = the filter rule association was made, shows that any inbound port can go to 10.0.10.6 on port 443

      I've also tried re-doing the entire setup for that new vip, trying 1:1 NAT, etc, etc but can't get it to show me anything but the darn PFSense login page.

      It's quite frustrating since the other rules work!  Fingers crossed they KEEP working.

      I'm still plugging away and quadruple checking my settings.  Maybe it's late and I'm going cross eyed.

      Thanks!

      1 Reply Last reply Reply Quote 0
      • V
        viragomann
        last edited by

        @pdrass:

        My steps:

        Firewall > Virtual IPs > IP Alias is ticked > Add my IP:  7.7.7.6/27 > Save
        Firewall > NAT > + button at the bottom right > Interface = WAN > Protocol = TCP > Destination Type: Drop down to "7.7.7.6 (hostname.here) > Destination Port Range:  https to https > NAT Reflection = system default > Filter rule association = can't remember but I always let it auto generate one so it shows up as a firewall rule.
        Firewall > Rules = the filter rule association was made, shows that any inbound port can go to 10.0.10.6 on port 443

        I'm missing Redirect target IP + port here.
        ??

        1 Reply Last reply Reply Quote 0
        • C
          cmb
          last edited by

          Sounds like you don't have reflection enabled for 1:1?

          1 Reply Last reply Reply Quote 0
          • First post
            Last post
          Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.