Outbound NAT rule not being followed

ssheikh

In the recent past I have seen several posts about outbound NAT not working as expected when the outbound NAT rule specifies a virtual IP for the NAT address. In all of those instances, 1-to-1 NAT does not work for outbound traffic either. All traffic simply gets NAT-ed through the WAN interface IP.

Inbound port forwarding rules work ok even if the port forward is from a virtual IP.

What is also interesting is that http://www.showmyip.com actually shows my inside IP address of the system that I am running the web browser on. http://www.whatsmyip.org reports the IP address of my WAN interface.

I am seeing this in about half of my pfSense 1.2.2 deployments. Interestingly, none of the instances running as a VM in VMware have this problem. Only ones running on physical hardware have the issue.

I have yet to do packet captures to see what is different in the outgoing packets. Particularly interested in seeing the difference that makes  http://www.showmyip.com show my inside IP of the desktop machine itself when Outbound NAT rules are not working as expected and it shows the proper virtual IP defined in the Outbound NAT rule when the rule is working as expected.

Has anyone else done any troubleshooting to resolve this that they want to share here?

jimp

Have you checked for this?

http://doc.pfsense.org/index.php/Why_does_my_system_using_1:1_NAT_still_appear_to_access_the_web_via_the_pfSense_router's_WAN_IP%3F

ssheikh

doh! You are absolutely correct. All the instances where I (incorrectly) thought this was happening has squid installed.