Netgate Discussion Forum

    NAT 1:1 not working on third WAN interface

      Woger

      Hi there,
      After using pfSense happily for a few years in bridged mode in front of several dedicated servers, I am now bringing these servers into the cloud. In the new environment it's not possible to use pfSense in bridge mode, so I've set it up in front of a local network (192.168.0.1/24) and use NAT 1:1 to connect the public IP addresses to the local IPs. pfSense has 10 public IP addresses (DHCP and different IP ranges) and 1 local (static). I set up a 1:1 NAT and a firewall rule (all ports from all sources may go to all destinations) for every server. On the LAN interface I have the same rule.
      Now I can use pfSense using the WAN address for WAN, and the first 2 servers behind the firewall are running without problems. However, the third and fourth servers are not reachable from outside. They have the same rules and can ping outside.
      pfSense is version 2.3.2-RELEASE-p1 (amd64)

      Any help is highly appreciated  :)

        Woger

        OK,
        Now the third interface is working partly. I can reach the server by SSH, but not by DNS or ping. Besides the 1:1 NAT I also made a port forwarding rule for udp/53 and now DNS is also reachable  :P
        Maybe the different subnets are a problem. The firewall has IPs on these subnets: 185.110.174.x (2 IPs, of which one is the WAN interface), 185.110.174.x, 213.187.240.x, 185.110.172.x, 185.110.175.x and of course 192.168.0/24

        Can these subnets be a problem?

        Thanks,
        Roger
