NAT 1:1 not working on some but does on others



  • Hi. I have 8 rules set up the same way, all with different virtual IPs; some work and some don't. Is there a limit to how many virtual IPs I can have with the same port open?

    If I try it locally on the LAN net it works and I can RDP to the server. If I try it on the external address it will not work. Prompts for user ip and address but the port 3389 will not open. This is set up the same as my other ones that work.

    I set virtual IP section and then try to ping the IP and it works.

    I go to 1:1 NAT section and set virtual IP (Public) to internal IP (LAN), same as the others that work,
    then I set a rule to allow 3389 to that internal IP, same as the others that work. But this one doesn't work. It works on internal IP but not external IP.
    Any ideas would be helpful.
    Version is 2.2.6



  • Try a simple port-forward instead of a 1:1 NAT.

    If you need more help, post screens of your NAT rules and sanitized WAN rules.



  • OK, did some troubleshooting. It looks like it is passing traffic from the IP to a different server. Looks like an issue with the NAT.

    I set the virtual IP the same as all the others and all of them work but this one. I have 6 servers set to use NAT, different IP but port is the same, 3389.

    I set external subnet IP to xx.xx.xx.22. I set internal IP to 192.168.1.21. I then set a standard rule to allow traffic to that port. But it maps to 10.10.100.11 instead, and that is not in a NAT at all; it is a port forward for 10.10.100.11. I have 6 of these; they all work but this one, and I even tried to use a different public IP and I changed the internal IP, but still it will not map to 192.168.1.21 like it is told to in the NAT. I do have other rules on the 192.168.1.0 net, so it is not the net; the other servers work fine. Any idea?





  • LAYER 8 Netgate

    Then you probably have some other rule performing that NAT to 10.10.100.11 instead.

    Post screenshots of your port forwards, your 1:1s, and your rules.

    Or:

    Diagnostics > Command Prompt

    cat /tmp/rules.debug

    Send that output to me in a PM.


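An added example, not part of the thread: one way to check a ruleset dump such as /tmp/rules.debug for a second translation rule on the same public IP, which is what the last reply suspects. The sample rule lines are constructed in simplified pf syntax, 203.0.113.x stands in for the masked public addresses, and the interface name and the function names are assumptions; rules written with aliases or macros instead of literal addresses will not be matched.

```shell
#!/bin/sh
# Added example: flag rdr/binat rules that translate one public IP to an
# unexpected internal host. Rule lines below are constructed, simplified pf syntax.

# Constructed sample standing in for /tmp/rules.debug (addresses are placeholders).
sample_rules() {
cat <<'EOF'
binat on em0 from 192.168.1.20 to any -> 203.0.113.21
binat on em0 from 192.168.1.21 to any -> 203.0.113.22
rdr on em0 proto tcp from any to 203.0.113.22 port 3389 -> 10.10.100.11
rdr on em0 proto tcp from any to 203.0.113.30 port 443 -> 10.10.100.12
EOF
}

# audit_nat FILE PUBLIC_IP EXPECTED_INTERNAL_IP   (FILE may be "-" for stdin)
# Prints "<line> OK|CONFLICT <rule>" for every translation rule on PUBLIC_IP.
audit_nat() {
    awk -v pub="$2" -v want="$3" '
    $1 == "binat" || $1 == "rdr" {
        n = index($0, "->")
        if (n == 0) next
        left  = substr($0, 1, n - 1)          # match part of the rule
        right = substr($0, n + 2)             # translation target
        gsub(/^[ \t]+/, "", right)
        split(right, t, /[ \t]+/)             # t[1] = target address
        nf = split(left, f, /[ \t]+/)
        hit = 0; actual = ""
        for (i = 1; i < nf; i++) {
            # binat: "from <internal> to any -> <public>"
            if ($1 == "binat" && f[i] == "from" && t[1] == pub) { hit = 1; actual = f[i + 1] }
            # rdr: "from any to <public> [port N] -> <internal>"
            if ($1 == "rdr" && f[i] == "to" && f[i + 1] == pub) { hit = 1; actual = t[1] }
        }
        # Whole-field comparison, so 203.0.113.22 never matches 203.0.113.220.
        if (hit) printf "%d %s %s\n", NR, (actual == want ? "OK" : "CONFLICT"), $0
    }' "$1"
}

# Demo: which rules touch the public IP that should map 1:1 to 192.168.1.21?
sample_rules | audit_nat - 203.0.113.22 192.168.1.21
```

A CONFLICT line is a rule that sends the same public address to a different internal host than the 1:1 mapping expects, which is the entry to review in the port forward and 1:1 lists.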