Port forwarding does not work when I use my ISP's nat?
-
Hi there! I for servers use two networks, one on the party of provider another internal. I installed and configured pfSense 2.4.4-RELEASE-p3, it has 2 interfaces (internal and external). White addresses come through NAT provider. The problem is that when contacting the external address pfSense port forwarding works, and when contacting the white address of the provider there is no access. Why, what did I miss and how to configure port forwarding to work?
-
Welcome to one of the "benefits" of NAT. When you set up port forwarding on your firewall and have a public address on the WAN side, the traffic from the web site can reach your firewall, where port forwarding is used to send it to a specific computer. When the ISP puts NAT ahead of your firewall, there is no way for you to configure port forwarding on it, so there's no route to your firewall.
NAT is a hack to get around the IPv4 address shortage and it breaks somethings Port forwarding is a way around one of the things it breaks, that is transparency along the entire path. With ISPs NAT you can longer work around it.
This is why the world MUST move to IPv6 as soon as possible. The more NAT is used, the more things break. Already with VoIP and some games it is necessary to use STUN servers, to get past NAT. I don't know that those will still work behind ISP & customer NAT combined.
