Netgate Discussion Forum

    Problems with nat

    • josorio1991

      Colleagues recently started to set up a pfSense on my network and, as usual, I already have the first problem.

      I put them an example of the data structure exist and everything done.

      WAN - 192.168.157.2/28
      LAN - 10.20.80.2/27
      OPT1 - 172.16.0.1/24

      I have a virtual IP 10.20.80.3 created to be the proxy server on the LAN, and I have several configured physically containing IPs of the OPT1 class, including a proxy server with the IP 172.16.0.3 servers.

      To share that server with the LAN, I create a nat with the following property,

      Interface: LAN
      Protocol: *
      Source Address: *
      Source Ports: *
      Dest. Address: 10.20.80.3
      Dest. Ports: 3128
      NAT IP: 172.16.0.3
      NAT Ports: 3128

      So far so good, the problem is that when I try to connect from the LAN with an IP 10.20.80.10 to 10.20.80.3 proxy, the server does not answer me.

      So I went and reviewed the logs to see, and I got this:

      LAN tcp 172.16.0.3:3128 (10.20.80.3:3128) <- 10.20.80.10:1762 CLOSED:SYN_SENT   2 / 0   104 B / 0 B
      OPT1 tcp 10.20.80.10:1762 -> 172.16.0.3:3128 SYN_SENT:CLOSED   2 / 0   104 B / 0 B

      Well, here every problem, I would appreciate your help with the issue as soon as possible, thanks in advance.

      PS: I know that the LAN IPs are class A, but I have disabled blocking these IPs.

      • cmb

        The traffic's passing and getting no reply. Either the proxy server isn't replying, or its reply isn't going back to the firewall to get translated back (may need source NAT as well depending).

        • josorio1991

          Sorry for the inconvenience, but I'm new to using pfSense. Could you be more specific?

          • cmb

            Looking at your description again, the proxy's on a diff subnet from the clients, so the source NAT part isn't necessary.

            Seems like either the proxy isn't replying, or its default gateway is pointed somewhere other than 172.16.0.1.

            • josorio1991

              Sorry, but I'm still having the same problem. The pfSense still gives the same answer when the connection runs:

              SYN_SENT: CLOSED
              CLOSED: SYN_SENT

              In this can influence the servers that are making the point on the LAN, whether they are virtualized in Proxmox ??

              • cmb

                SYN_SENT:CLOSED means it sent the SYN to the destination, and got no SYN ACK in response. The proxy isn't replying back, or is sending its reply to the wrong place.

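The reasoning in the replies above, written out as an added example that is not part of the original thread: it parses the two state lines from the first post, picks out forwarded states that sent a SYN and got nothing back, and checks whether client and server share a subnet (the case where source NAT would also be needed). The function names are this example's own, and the interface addresses are taken from the first post.

```python
import ipaddress
import re

# State lines as posted in the thread (packet/byte counters omitted).
STATES = """\
LAN tcp 172.16.0.3:3128 (10.20.80.3:3128) <- 10.20.80.10:1762 CLOSED: SYN_SENT
OPT1 tcp 10.20.80.10:1762 -> 172.16.0.3:3128 SYN_SENT: CLOSED
"""

# Firewall interface addresses from the first post.
INTERFACES = {"LAN": ipaddress.ip_interface("10.20.80.2/27"),
              "OPT1": ipaddress.ip_interface("172.16.0.1/24")}

LINE = re.compile(
    r"(?P<ifname>\S+)\s+(?P<proto>\S+)\s+(?P<left>[\d.]+):(?P<lport>\d+)"
    r"(?:\s+\((?P<orig>[\d.]+:\d+)\))?\s+(?P<dir><-|->)\s+"
    r"(?P<right>[\d.]+):(?P<rport>\d+)\s+(?P<state>\w+:\s*\w+)")

def parse_states(text):
    """Return one dict per state line; on '->' lines, left is the source."""
    out = []
    for line in text.splitlines():
        m = LINE.match(line.strip())
        if m:
            d = m.groupdict()
            d["state"] = d["state"].replace(" ", "")
            out.append(d)
    return out

def diagnose(states, interfaces):
    """Explain each outbound state that sent a SYN and saw no SYN ACK."""
    findings = []
    for s in states:
        if s["dir"] != "->" or s["state"] != "SYN_SENT:CLOSED":
            continue
        client = ipaddress.ip_address(s["left"])
        server = ipaddress.ip_address(s["right"])
        iface = interfaces[s["ifname"]]
        if client in iface.network:
            # The server would answer the client directly, bypassing the firewall.
            advice = "same subnet: add source NAT so replies return via the firewall"
        else:
            advice = (f"different subnet: server must be listening and "
                      f"route {client} back via {iface.ip}")
        findings.append((str(client), str(server), advice))
    return findings

if __name__ == "__main__":
    for finding in diagnose(parse_states(STATES), INTERFACES):
        print(finding)
```

For the lines in this thread it reports the OPT1 state only, with the client outside 172.16.0.0/24, so the remaining checks are on the proxy itself: that it listens on 3128 and that its return route points at 172.16.0.1.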