[SOLVED]Nat problem with dual wan
-
Hello every one ,
i'm new on using pfsense 2.3 , i need help about setting up the right network ,
first , i have two WAN , bouth on the PPPOE mode ,
i used 3 NIC , 2 for the wans and 1 for lan ,
wan_1 : 192.168.5.1/24
wan_2:192.168.7.1/24
lan : 192.168.2.1/24before using , NAT FROM modem huwei works fine , after using the pfsense router , with load balancing and failover , and configuring NAT , like all tutorials , i doesn't work ,
and i have a problem with one of my gateways ( 192.168.7.1 ) always showing ( offline ) "" it's another problem , the main problem is the nat .where is wrong on my configuration ?
-
Hi. ;)
We will need to see some screenshots of your NAT, gateway and interface setup at least to be able to diagnose that.
It would be much better to put the upstream modem/routers in modem only (bridge) mode and run PPPoE sessions on pfSense directly. As it is you have dual NAT which makes configuring stuff like port forwards much harder.
Steve
-
Thank you stephenw10 ,
i already change my modem to bridge mode , no whene testing open ports , i found the 80 , 443 and 53 ports open , not the forwarded one
-
Ok, a couple of things I can see there.
In general you should be running the most recent version, 2.3.3_p1, and you should be running 64bit. The 32bit version you have there will not be able to upgrade to 2.4.
You should not have a gateway set on the firewall rule on OPT1. That rule would normally be generated automatically by the port forward anyway (without a gateway).
If those are the only rules you have on OPT1 then you should not be able to access the gui on ports 80/443 externally via the OPT1 IP. If you can then you have bigger problems than just the port forward.
Steve
-
you are telling me that it may be version probleme ?
or i just need to use newer one ?
i downloaded the 2.3.3_1 version , i'll install it today ,
and i solved the problem " port 80 no longer open " so no more accessing from external , and thank you for this advice , it was realy serious problem :D -
thank you , the 2.3.3_1 realy solved the problem ,
so thank you ^^
