NAT 1:1 not working on third WAN interface



  • Hi there,
    After using pfSense happily for a few years in bridged mode in front of several dedicated servers, I am now moving these servers into the cloud. In the new environment it's not possible to use pfSense in bridge mode, so I've set it up in front of a local network (192.168.0.1/24) and use 1:1 NAT to connect the public IP addresses to the local IPs. pfSense has 10 public IP addresses (DHCP and different IP ranges) and 1 local (static). I set up a 1:1 NAT and a firewall rule (all ports from all sources may go to all destinations) for every server. On the LAN interface I have the same rule.
    Now I can use pfSense using the WAN address for WAN, and the first 2 servers behind the firewall are running without problems. However, the third and fourth servers are not reachable from outside. They have the same rules and can ping outside.
    pfSense is version 2.3.2-RELEASE-p1 (amd64)

    Any help is highly appreciated  :)



  • OK,
    Now the third interface is partly working. I can reach the server by SSH, but not by DNS or ping. Besides the 1:1 NAT I also made a port forwarding rule for udp/53 and now DNS is also reachable  :P
    Maybe the different subnets are a problem. The firewall has IPs on these subnets: 185.110.174.x (2 IPs, of which one is the WAN interface), 185.110.174.x, 213.187.240.x, 185.110.172.x, 185.110.175.x and of course 192.168.0/24

    Can these subnets be a problem?

    Thanks,
    Roger

