Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Why doesn't my Auto-created rule for LAN->WAN work in AON mode?

    Scheduled Pinned Locked Moved
    NAT
    1
    1
    317
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • D
      Dave R
      last edited by

      I added an OpenVPN client to a VPN provider today following the guide here: https://forum.pfsense.org/index.php?topic=76015.0

      I only want HTTP,HTTPS and DNS going over the VPN interface. All other (ssh, NTP, etc) should use the WAN interface.

      As I understand, when switching to AON (I was using Automatic) the automatic rules which were in effect are now applied as regular rules in the AON table.  I was not able to connect anywhere over the VPN link however. When I finally added a NAT Alias for 80,443, and 53, and applied it to a new rule (PIA VPN PORTS in the picture), then things started working again.

      I noticed I cannot browse any Steam game servers however. Also, ssh access to some of my external servers is not working. I don't see in the docs (https://doc.pfsense.org/index.php/Outbound_NAT) anything about adding explicit egress ports for AON, so I must be missing something.

      I noticed however that there is a rule (2nd from bottom in picture) which allows all of my internal LAN to the WAN port "auto created rule - LAN to WAN" so why isn't this rule working?

      pf.png
      pf.png_thumb

      1 Reply Last reply Reply Quote 0
      • First post
        Last post