No outbound traffic in AWS deployment
I’m really hoping someone out there can help me. I’ve been working on getting pfsense to work on Amazon Web Services periodically for a couple weeks now and am close to throwing in the towel. No matter what I do, I can’t get traffic to flow out of the Lan subnet. I have port 3389 forwarded to a Server 2016 instance and can remote in without any trouble. However I can not get any internet connectivity once I am logged into the server. It feels like a NAT issue, but I'm not sure. I have added the Lan subnet to the outgoing NAT addresses as well as to the Networks_to_nat alias, but it doesn’t seem to be working.
When I run a packet capture on the Lan interface and try to connect to a website the traffic shows up, which I believe means the traffic is being routed to pfSense properly. When I run a packet capture on the WAN interface it doesn’t pick up anything.
I really want to get pfSense set up in AWS instead of using some of the other options. I’ve been using pfSense for about 5 years now and I love it. On top of it being cheaper, I also find it to be a far superior product.
I have a pretty straightforward AWS setup.
VPC Cloud: 10.20.0.0/16
Wan subnet: 10.20.0.0/24
Lan Subnet: 10.20.10.0/24 with one Windows 2016 ec2 instance running.
Wan Routing table is pointing 0.0.0.0/0 to the internet gateway
Lan Routing table is pointing 0.0.0.0/0 to the pfSense Lan network interface
I also have the security groups completely opened up.
Any ideas anyone?
Have you tried "disable Source/Destination Check" on the AWS pfSense instance? Just a thought.