Redirect outbound traffic on port range to internal IP.



  • Hi i am quite new to pfSense having recently moved from a variety of linux firewall solutions.

    My main reason for changing, was so that i could correctly set up a server to be accessible internally and externally. At the moment it is only accessible externally.

    To get it working correctly i am required to redirect Outbound traffic from the LAN on ports 9000:9020 to an internal LAN IP Address. I have tried to use Portforwarding on the LAN interface to achieve this unsuccessfully. And have also dabbled in using Outbound NAT but i have no real idea how this works.

    So in port forwarding the two rules i am dealing with are:
    WAN  TCP/UDP  9000 - 9020  10.X.X.X (ext.: 220.X.X.X)  9000 - 9020 
    LAN  TCP/UDP  9000 - 9020  10.X.X.X (ext.: any)  9000 - 9020

    The WAN rule works perfectly as i am able to access the service externally. Yet internally due to the way this particular service works i am unable to connect to it. I was hoping the LAN rule may make this possible? yet it doesnt seem to work. Should i be using Outbound NAT instead?

    Any insight on the correct method i should be using would be greatly appreciated.

    Cheers,
    David



  • Could you clarify to what IP you're connecting?

    If it's the WAN IP you can just enable NAT reflection.
    http://forum.pfsense.org/index.php/topic,7001.0.html



  • Well the IP i am connecting to is the internal IP, yet due to the way the server software works (it is an incredibly alpha peice of software that really doesnt function exactly as it should) it does cause some wierd router loopback issues, even though i am connecting to the internal IP. So im not sure whether it is the client machine that has the loopback issue or the server.

    Either way i shall try NAT Reflection asap as this sounds exactly what i am after. Thanks for the tip.


Locked