[Why] pfSense doesn't port-forward with gateway group set as default?
-
I had written a full message complete with diagnostics and all I did to where I was, while taking the screenshots I rechecked/retested everything as I went to waste less of people's time and y'know...look a little less dumb when it was pointed out to be something trivial
and I discovered it was the gateway group set as default. So...um yeah.Everything works perfectly fine with the gateway group set as default, why do port forwards don't?
While detailing the setup, in my original messaged I had written that those hosts I wanted to access don't have access to the Internet except via their reply-to rule that's created on-the-fly by a port forward. This is now what I don't understand, don't they must get this rule? I changed the default gateways and tried to access again via the same interface, it worked fine, then again and again.
So the reply-to is working otherwise the traffic would've followed the default route set on another interface, wouldn't it?? Obviously I'm still far from understanding all of the TCP/IP stack, so could you explain this to me?
Thanks! :)
-
Having the same gateway on multiple interfaces is likely the problem. It works, sort of, with PPPoE, but it's not a configuration we recommend or technically support, due to issues like this.
Probably the requests are coming in one interface and then it can't figure out which way to send the replies.
