NAT Reflection appears to die PERMANENTLY after configuring a transparent Squid

  • NAT reflection has been working on my pfSense box for a couple of weeks.
    Last night I (unwisely) installed Squid and enabled transparent proxy, with the intent of using it to cache Windows updates.

    Came in this morning to find that NAT reflection has stopped working.
    Disabled the transparent proxy after reading about issues with Squid and NAT reflection, but still broken.
    Uninstalled the Squid package and rebooted the pfSense box; NAT reflection still borked.

    Using split DNS for now, but prefer reflection to be working.

    My setup is dual WAN with the two ports set up as failover.

    Packet capture on the LAN interface shows packets hitting the port, but no reply.

    Not sure how to troubleshoot beyond this point on pfSense, so any help would be appreciated.


  • Traffic initiated from the host itself, as in the case of Squid, does not hit reflection. You need split DNS in that case.

  • Do you have a limiter? It kills NAT reflection. I'm sure that Squid in transparent mode does not kill it, unless it's new on 2.3; I'm running on 2.2.4.

