1:1 nat is not working
-
Hi to all, i am trying to configure a 1:1 nat, it is not working. This is what i have done:
- Configured a virtual ip of type ip alias, bounded to localhost.
- Configure 1:1 NAT using the virtual ip on wan and local ip in lan interface.
- Configured a rule to allow http traffic:
I try to load my web page and it gives timeout error.
What am i missing, is it necessary an outbound rule?
-
The NAT forum would be a better place to post this.
Are you testing from inside your network?
https://docs.netgate.com/pfsense/en/latest/nat/accessing-port-forwards-from-local-networks.html
-
Interface: "WAN" (instead Localhost)
https://docs.netgate.com/pfsense/en/latest/nat/1-1-nat.html
-
Good catch. That's probably exactly it.
Btw, you don't need a 1:1 NAT just for a web server. You can do it through a port forward.
-
I used localhost beacuse the local ip address of wan interface is private and i route a public segment via this private segment, thats what my provider sugested, somothing similar to loopback interfaces in routers.
I am trying the connection from inside (lan) network.
If i change the nat from 1:1 nat to por forware do i need to configure an outbound rule? -
Then you have to either enable NAT reflection or configure your DNS to resolve your web server's FQDN to its LAN IP address, as per the document I linked to. Try it from the WAN side. Does it work then?
No, you don't need to play with outbound rules for those NATs.
I've never seen a NAT with localhost used. If you still can't get it working from either side, I would put it back to WAN as ptt suggested.