Netgate Discussion Forum

    Port forwarding and bond/link aggregate

      _mwa_

      I have 2 hosts behind a pfsense and a NAT rule for each host to access a service on each host from outside. This configuration works without any problems.

      Now I added a second network device to one of the hosts, created a bond on this host and a corresponding link aggregate on the switch. And after that the NAT rule stopped working.

      Port and IP-address stay the same, so from the LAN-side nothing changed and everything works as before. But from the outside world the bonded interface is no longer reachable via the pfsense.

      So what's wrong with my setup?

        chpalmer

        Can you draw this out in some form?

        Are you saying you have a Bonded WAN?

        Triggering snowflakes one by one..
        Intel(R) Core(TM) i5-4590T CPU @ 2.00GHz on an M400 WG box.

          Derelict LAYER 8 Netgate

          If the LACP is working correctly that is completely transparent to pfSense.

          Troubleshoot the LACP between the host and the switch to find your problem.

          The firewall has no idea that lag even exists.

          Chattanooga, Tennessee, USA
          A comprehensive network diagram is worth 10,000 words and 15 conference calls.
          DO NOT set a source address/port in a port forward or firewall rule unless you KNOW you need it!
          Do Not Chat For Help! NO_WAN_EGRESS(TM)

            _mwa_ @Derelict

            @Derelict You are perfectly right: one day later the problem is gone. I've changed a lot this day (and I am not an expert, so I have tested some ideas to find out they did not work), thus I assume I have caused some trouble on the network which needed some time to settle down.

            Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.