1:1 NAT MEGAWOES!



  • First of all thanks Hoba for trying to reproduce my problems the other day.

    With B4 I was getting fatal halts + trashed config.xml when adding VIPS + 1:1NAT. With RC1 I am getting occasional fatal halts when trying to alter 1:1NAT and/or VIPS but at least the config.xml isn't getting trashed.

    I have 3 WAN IP's. x.x.x.1/22, x.x.x.2/22, x.x.x.3/22. The first is my "primary" and bound to the WAN interface.

    The only way I seem to be able now to get 1:1 NAT working on x.x.x.2 and x.x.x.3/22 is by setting the 1st one to CARP and the second to OTHER…. does this make ANY sense??? It seems to work both w/CARP for a bit then the second becomes unreachable.. can switch it to OTHER then it's OK then back to CARP and it's OK....

    I correctly set the /22 with CARP and the NAT rule is WAN /32 to single internal IP.

    Thanks for any info!



  • For kicks, try a /24



  • Really? My ISP/WAN subnet is 255.255.252.0….

    Do you want me to try /24 for both 2 VIPs I am trying?

    Right now 1st w/CARP /22 and 2nd set to OTHER seems to be holding up. Unfortunately other side is not as it crashed when I tried to create a firewall alias. I will have to wait til tomorrow to get someone to reboot that box... not sure why it didn't come back up on it's own. I should mention I am using live-cd RC1 w/floppy.



  • #1 Install it to HD and see if it changes

    If that doesn't help

    #2 http://wiki.pfsense.com/wikka.php?wakka=ObtainingPanicInfoForDevelopers



  • OK I will do this. Do you still think I should try changing VIPs to /24 instead of /22 and if so what is the logic behind this (as if I would understand anyway lol.) Thanks!



  • Yes, /24 is a shot too.



  • Wont allow me to specify this mask unless I also set my WAN IP to this and I am guessing I will have 0 connectivity at all then?


Log in to reply