Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    NAT to Windows Cluster

    NAT
    1
    2
    412
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • S
      scottys
      last edited by

      I am setting up our new pfsense firewalls, and using NAT for our email server works great. The problem comes when I try to NAT to our Windows Server Cluster IP (ex. 10.0.0.50). I spun up a test VM and installed IIS and pointed the NAT Rule to that, and http and everything worked great. Pointed it back to the cluster IP and i always get "Connection Time out".

      I read that Window does some weird stuff and in order to get the Windows NLB (multicast) working on the pfSense, need to add the tunable : net.link.ether.inet.allow_multicast Value 1

      I added this and rebooted the pfsense, and still nothing. I am at an impasse, because the very basic firewall/router we have running now has the same basic rule that anything coming in port 80 or 443 to go to 10.0.0.50 works, but the powerful beast of pfsense does not.

      Any help is greatly appreciated.

      Also to answer the basic question, yes it is showing up on the ARP table. When I ping the Cluster from pfsense I receive Duplicate responses from all the servers. When I ping from a Windows or Linux (Mint) box I do not get any "duplicate" responses, if that makes any sense…

      1 Reply Last reply Reply Quote 0
      • S
        scottys
        last edited by

        I forgot to mention, when I point it to each server directly instead of the cluster (say 10.0.0.51 or 10.0.0.52), it still does not work

        1 Reply Last reply Reply Quote 0
        • First post
          Last post
        Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.