Two pfSense systems cannot NAT (port forward)



  • Hello,

    I have two router systems running pfSense 2.4.3, and I am trying to port forward Server2 through NAT. However, this fails.

    -- WAN --| PF1 |--LAN------LAN--| PF2 |
             |-----|                |-----|
                |                      |
          LAN1(Server1)          LAN2(Server2)

    LAN1 is 10.25.1.254, LAN2 is 10.17.1.254, PF1--LAN is 100.0.0.25, LAN--PF2 is 100.0.0.17. I can ping back and forth and can access both GUIs from a laptop in LAN1 or LAN2; however, port forwarding through the WAN for managing PF2 remotely does not work (e.g. Server2). Although other devices connected to PF1 and port forwarding (e.g. Server1)

    What am I doing wrong?

    Thanks in advance



  • First of all, you can't use 100.0.0.0 address space on your internal LAN networks, that actually belongs to MCI Communications Services, Inc. d/b/a Verizon Business. Nothing will route properly if your firewall is trying to get to that network.

    You should instead use 10.0.0.0/8 or 172.16.0.0/12 or 192.168.0.0/16

    Or, is that not what you are saying in your post? It's kind of confusing...

    Jeff



  • Thanks, PF1-LAN is 192.168.200.25, LAN--PF2 is 192.168.200.17.
    The problem is the same!
    PF1:
    1.jpg

