Routing from private lan to private lan on public wan

eradicator006

For the past day I've been trying to get my IPTV boxes working from behind pfsense and not through the provided gateway.  I'm having some troubles.  TV works fine for a few hours then it drops out completely.

My WAN interface goes directly to my ONT and it's a configured as a vlan.  TV and internet use the same vlan.  IGMP proxy is configured and corresponding rules are on the WAN interface.  IPTV boxes are on a separate internal vlan from my main network with it's own dhcp server (configured if pfsense).

Running tcpdump on the vlan interface on pfsense I see this:

09:38:15.927960 IP (tos 0x58, ttl 128, id 482, offset 0, flags [DF], proto TCP (6), length 52)
    172.16.1.65.1046 > 10.37.253.25.443: Flags ~~, cksum 0x69af (correct), seq 14502443, win 65535, options [mss 1458,nop,wscale 2,nop,nop,sackOK], length 0

I'm pretty sure this is for registration.  If my IPTV box doesn't get a reply from the registration server it will not work.  These requests send out ever 5 minutes.

Anyway, my question is; How do I get my IPTV boxes on 172.16.1.0/24 to talk to 10.37.253.25 which is on the WAN?

I'm also seeing this when the IPTV boxes don't work, any idea what it is?

09:38:15.123459 3c:df:a9:0f:17:9b > ff:ff:ff:ff:ff:ff, ethertype Unknown (0x88b7), length 60:
0x0000:  0026 8640 0005 0006 003c dfa9 0f17 9b00  .&.@…..<......
0x0010:  0000 0000 0000 0000 0000 0000 0000 0000  ................
0x0020:  0000 0000 0000 0000 0000 0000 0000      ..............~~