Cant set up nat please help

kage

ok i used to use pfSense about a year and a half ago as the firewall for my small server/network… worked great no problems.

i just started using it again and i cant get my NAT to work at all.... i have a webserver (internal ip 192.168.1.158 lets say) it runs web (80) ssh (22) and 2 other services on other ports. i have set up nat to forward these ports:

example:
If          Proto  Ext. port range    NAT IP                                Int. port range
WAN  TCP/UDP  80 (HTTP)  192.168.1.158(ext.: any)     80 (HTTP)

nothing... cant connect to it.
before you ask yes i have changed the webgui port, and furthermore NONE of the other forwards are working either.

when i uncheck "Disable NAT Reflection" in system->advanced settings it works perfectly, except for the fact that i can not access any external from my network (lets say i type http://www.google.ca into my browser, it says google in the address bar but gives me my own server)

can someone tell me what im doing wrong? thanks in advance!

j2b

Check your WAN interface firewall rules to allow from ANY to 192.168.1.158 IP address, adding corresponding ports. This is what I could not understand. On other firewalls you allow packets on external IP address and port, and afterwards (after getting through), your FW translates them to internal address. In PFsense this is done differently (my gess is PF system), that asks to allow traffic to internal IP address, because NAT is done before filters, rather than after them. The second - check outgoing NAT. If it does not work, then you are getting packets in, but outward packets could not figure the way out. The same - check your gateway settings on HTTP host. Please post, whether this works or not, as well others are welcome to comment my assumptions.
Regards…

kage

i am not sure what you are suggesting i do, i have added the rules for the forwarding, i gave an example of the WAN rule in my first post, this is the rule auto created by pfSense when i create the port forward. furthermore, even with "disable firewall" checked, it does not work… but then again with "disable firewall" checked i can not get any internet at all

does anyone have a solution to what i am doing wrong, i love pfSense but if i can not get this fixed in the next 12 hours i have to abandon it :(

thanks in advance, again

Cry Havok

With so little information nobody will be able to tell you what's wrong.

So, let's start with:

1. What version of pfSense are you using (eg 1.2.3-RC1 embedded or 1.0 full install)
2. What is your WAN IP and LAN IP (hide the last number of each if you wish, but don't make them up).
3. What changes have you made from the default install?

kage

version: 1.2.3 RC-1
my lan ip of my server: 192.168.1.158 (static lease)
only changes i have made since install is to change my dhcp server to only lease 100->155 instead of 199, so that i could staticly lease 158.

i have just removed 1.2.3RC1 and installed 1.2.2 and it works perfect so … i dont know what the problem was but it is working now