Problem with NAT

  • Hi,

    I Have this scenario:

    My Pfsense has two network

    Lan -
    Wan - (DHCP) - i get this ip from my router

    My router
    router is use protocol ipoe, is the default gateway

    So i have a service that i want to acess outside from my networks. so i make my nat rules


    source address: any
    source ports:any
    dest. address:wan address
    dest. ports:491
    NAT IP:
    NAT ports:491
    Nat reflection:use systems default
    filter rule association:create new associated filter rule

    On my system->advanced->firewall & NAT

    Nat reflection mode :disabled
    Enable nat reflection:no check
    enable automatic outbound no check

    when i try to access my network from outside, my nat rule is not working, i use i got this message could not see service on port 491. can you help me please.

  • LAYER 8 Global Moderator

    "NAT IP:"

    How would that work?  If your lan is 192.168.0

    Your wan is also rfc1918, so whatever is doing nat in front of pfsense would have to allow the traffic into pfsense WAN IP before pfsense could forward it on to something on its lan.

  • sorry i make mistake, i mean NAT IP:, and i don´t have checked in wan interface on my block private networks and loopback addresses. i don´t understand what do you mean i have rfc1918. My nat rule still don´t work it

  • LAYER 8 Global Moderator

    your pfsense wan is private IP, ie its not public. So there is something in front of it doing nat..

    Your other router or isp device is changing your public IP to the is private (rfc1918 address)

    "Wan - (DHCP) - i get this ip from my router "

    So you need to make sure you forward whatever it is you want to forward on that device to pfsense wan IP.

    Since you will be sending traffic to rfc1918 (your pfsense wan) you will need to make sure you uncheck the block rfc1918 on wan.

Log in to reply