Two pfsense FWs sharing the same public switch - GW, NAT doesn't work

  • Hi there,

    I have this strange problem and it goes like this.
    I have my own infrastructure at a service provider, behind pfsense, hosting some services. - PFSENSE1
    I'm also managing a customer's infrastructure with the same provider, also behind pfsense. - PFSENSE2
    That means that basically both pfsense boxes are connected to the same switch.

    I have NAT on port X for some service with an ACL. Several outside boxes can access that published service with no problem, except some VM behind PFSENSE1. I've tried removing the ACL and allowing all, but it doesn't make any difference. It doesn't connect.

    I can connect to some other port, a third customer that I'm also hosting at the same service provider, but it's not behind pfsense. I've also asked the service provider if there is some filtering enabled on that switch, but as I suspected there isn't.

    I'm completely lost here, without any ideas for additional troubleshooting. I've tried monitoring logs, but when a box behind PFSENSE2 tries to reach that published port nothing is logged at PFSENSE1, so I guess PFSENSE2 is doing something wrong? I can access other services on the internet, so it's not that PFSENSE2 is completely locked out.

    Any ideas what else to try? Thanks!

  • Check if the WAN interface network mask is set correctly on both boxes.
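One way to run the netmask check suggested in the reply, as an added example that is not part of the original thread: it compares the WAN settings of two firewalls on the same segment and reports when each box would take a different path to the other. The addresses are constructed documentation-range values and the function names are hypothetical.

```python
import ipaddress

def next_hop(local_wan: str, dest_ip: str) -> str:
    """How a host with WAN address/prefix `local_wan` reaches `dest_ip`:
    'on-link' (ARP for it directly) or 'via-gateway' (send to the default gateway)."""
    iface = ipaddress.ip_interface(local_wan)
    return "on-link" if ipaddress.ip_address(dest_ip) in iface.network else "via-gateway"

def check_wan_pair(a: dict, b: dict) -> list:
    """Compare two firewalls' WAN configs; each dict has name, wan (addr/prefix), gw."""
    findings = []
    ifs = {fw["name"]: ipaddress.ip_interface(fw["wan"]) for fw in (a, b)}
    for fw in (a, b):
        net = ifs[fw["name"]].network
        # A gateway outside the interface's own network points to a wrong mask or address.
        if ipaddress.ip_address(fw["gw"]) not in net:
            findings.append(f"{fw['name']}: gateway {fw['gw']} is outside {net}")
    net_a, net_b = ifs[a["name"]].network, ifs[b["name"]].network
    if net_a != net_b:
        findings.append(f"WAN networks differ: {a['name']}={net_a}, {b['name']}={net_b}")
    # Each box decides on-link vs gateway from its OWN mask, so the two
    # directions of one connection can take different paths.
    hop_ab = next_hop(a["wan"], str(ifs[b["name"]].ip))
    hop_ba = next_hop(b["wan"], str(ifs[a["name"]].ip))
    if hop_ab != hop_ba:
        findings.append(
            f"asymmetric path: {a['name']}->{b['name']} is {hop_ab}, "
            f"{b['name']}->{a['name']} is {hop_ba}"
        )
    return findings

# Constructed sample configs (RFC 5737 documentation range), not values from the thread.
PFSENSE1 = {"name": "PFSENSE1", "wan": "203.0.113.10/24", "gw": "203.0.113.1"}
PFSENSE2_BAD = {"name": "PFSENSE2", "wan": "203.0.113.5/29", "gw": "203.0.113.1"}
PFSENSE2_OK = {"name": "PFSENSE2", "wan": "203.0.113.5/24", "gw": "203.0.113.1"}

if __name__ == "__main__":
    for line in check_wan_pair(PFSENSE1, PFSENSE2_BAD):
        print(line)
```

An empty result means both boxes agree on the shared network and treat each other as directly reachable neighbours.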

