NAT Pain (Multiple PfSense, Virtual And Physical Networks)
I'm having trouble getting my solution to work. Basically I'm trying to set up a 1:1 NAT from two different networks (one is my LAN, and another is a LAN behind another pfSense machine - see diagram): https://s27.postimg.org/4ahyyzn2b/network.png
I basically need to be able to go from Server A (192.168.1.131) to Server B (10.0.2.5) and any other server on the NAT network (10.0.2.1/24) using a variety of different ports (HTTP/HTTPS/UDP ports, TCP ports, etc).
The connection kind of works going out from Server B to Server A, but I am experiencing packet loss when the connection is initiated from Server A to Server B in the opposite direction.
The virtual pfSense server has the WAN set to the 192.168.1.130 port and LAN set to the 10.0.2.1 port.
I've tried the following:
Configuring a VIP on the virtual pfSense server and setting up 1:1 NAT
Removing the default restrictive WAN rules on the virtual pfSense machine (RFC rule etc)
Setting up a gateway/static route on the physical network for 10.0.2.0/24 via 192.168.128.130
Various other firewall rules to no avail.
Any help setting this up would be appreciated!
KOM
There should be no NAT config required. This should just work with basic routing, assuming your firewall rules are good. Post both firewall rules for the WAN & LAN interfaces, then blow away any weird NATs you may have created and start fresh.