Netgate Discussion Forum

    Port forwarding not working when IPsec (all traffic from LAN) is enabled

      xl

      Hello!

      We have a pfSense box with a WAN interface and some port forwarding rules on it to LAN hosts.
      Not long ago we subscribed to a service that protects our traffic. We set up an IPsec tunnel to that service, and all outgoing traffic from our LAN network goes through IPsec.
      When the tunnel is up, port forwarding WAN -> LAN is not working. We got CLOSED:SYN_SENT in the states. So I think the reply from the LAN host goes to the IPsec tunnel and not to WAN.

      I tried adding the WAN gateway in firewall rules for some of the LAN hosts (when I do this, the hosts can't reach anything on the internet).
      I also tried adding an Outbound NAT rule (like when a LAN host has another gateway).
      But nothing is working.

      How can I force a LAN host to send traffic through the WAN gateway instead of IPsec? Or how can I get port forwarding to work when we have an IPsec tunnel that redirects all traffic from the LAN?

        zbych

        I have the same problem in version 2.4.1. Did you find any solution?

        Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.