PfSense not forwarding NLB address to open ports



  • Hello,

    I have 3 x Windows Server 2008 R2 servers on a Terminal Server farm with Network Load Balancing; this RDP has been working for 6 years.

    We just replaced the router with a pfSense router. I have had experience with pfSense in the past, so I know a few things here and there, but I am not that knowledgeable in it.

    Let me explain the scenario.

    My ISP cable goes into the WAN port (Public IP)

    LAN cable goes into a switch which then connects the 3 terminal servers & domain, WebSrv etc.

    Domain: 192.168.1.10

    Webserver: 192.168.1.15

    TS1: 192.168.1.11

    TS2: 192.168.1.12

    TS3: 192.168.1.13

    NLB IP: 192.168.1.14

    Before, I had configured the IP 192.168.1.14 port 3389 in the old router, which would then redirect users to the Terminal Servers, whichever were less utilized.

    In the pfSense router I've added a NAT rule as per the image below, which I believe is correct, but the port is not open. I've also checked the Firewall Rule.

    All other ports that were configured are open and accessible.
    If I change the NLB IP from 192.168.1.14 to any of the TS IP addresses, the port opens and works, but then I don't have load balancing.

    Is there anyone that can help me get this done? I need it working by Monday.


  • Rebel Alliance Developer Netgate

    Do you see any errors in the system log for that? Seems like you might be hitting this:

    https://doc.pfsense.org/index.php/Upgrade_Guide#Microsoft_Load_Balancing_.2F_Open_Mesh_Traffic