Netgate Discussion Forum

    Outbound NAT with Multi-WAN

    • ocuevascorp

      Hi,

      We have pfSense 1.2 running in the office. It's multi-homed: the primary interface goes to our DSL provider, which gives us 10 Mbps for inbound traffic (em0). Also included are 5 public addresses, which we don't use. Then we have our secondary ISP, which is 3.0 Mbps (em1) but gives us 15 public IP addresses for use. We have our mail server NAT'd to the em1 interface (secondary WAN connection).

      If I log in to the server and go to checkip.dyndns.org, it gets NAT'd to the em0 interface as opposed to em1. So it seems it's not doing true NAT.

      Any suggestions?

      • GruensFroeschli

        Don't mix up inbound with outbound connections.
        If you go to checkip.dyndns.org, you create an outbound connection, which by default gets NATed to the primary WAN.

        Or do you mean you created an AoN rule to NAT this server's traffic to the second WAN?
        Did you make sure the AoN rules are in the right order?
        (The rules are processed from top to bottom.)

        We do what we must, because we can.

        Asking questions the smart way: http://www.catb.org/esr/faqs/smart-questions.html

        • ocuevascorp

          @GruensFroeschli:

          Don't mix up inbound with outbound connections.
          If you go to checkip.dyndns.org, you create an outbound connection, which by default gets NATed to the primary WAN.

          Or do you mean you created an AoN rule to NAT this server's traffic to the second WAN?
          Did you make sure the AoN rules are in the right order?
          (The rules are processed from top to bottom.)

          Okay, so I did turn on AoN and made sure that the rules are from the top down, so here is the mail server:

          LAN IP 10.18.8.205 NAT to WAN2 IP 12.1.8.205, and it is the topmost rule. There is a CARP virtual IP for this too.

          • ocuevascorp

            The problem now is that nothing traverses the firewall from the LAN outbound.

            • GruensFroeschli

              Can you show screenshots of your firewall rules and your (outbound and inbound) NAT rules?

              We do what we must, because we can.

              Asking questions the smart way: http://www.catb.org/esr/faqs/smart-questions.html
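
The top-down, first-match evaluation of outbound NAT rules discussed in this thread, modelled as an added example (not posted by either participant and not pfSense's own code). It uses the mail server addresses from the thread; the LAN subnet, the two interface addresses and the rule-list names are assumptions made for illustration.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network
from typing import List, Optional


@dataclass(frozen=True)
class NatRule:
    interface: str     # egress interface the rule is bound to
    source: str        # source network, CIDR
    translate_to: str  # address the source is rewritten to


def translate(rules: List[NatRule], egress_if: str, src_ip: str) -> Optional[str]:
    """Walk the list top to bottom; the first matching rule decides.

    egress_if is the interface routing already chose for the packet.
    Returns None when no rule matches: the packet is not translated.
    """
    src = ip_address(src_ip)
    for rule in rules:
        if rule.interface == egress_if and src in ip_network(rule.source):
            return rule.translate_to
    return None


MAIL = "10.18.8.205"          # from the thread
MAIL_PUBLIC = "12.1.8.205"    # from the thread (CARP virtual IP on WAN2)
LAN_NET = "10.18.8.0/24"      # assumed LAN subnet
WAN_ADDR = "198.51.100.10"    # constructed placeholder for the WAN address
WAN2_ADDR = "203.0.113.10"    # constructed placeholder for the WAN2 address

mail_rule = NatRule("WAN2", MAIL + "/32", MAIL_PUBLIC)
lan_wan = NatRule("WAN", LAN_NET, WAN_ADDR)
lan_wan2 = NatRule("WAN2", LAN_NET, WAN2_ADDR)

MAIL_ONLY = [mail_rule]                         # just the rule quoted in the thread
SPECIFIC_FIRST = [mail_rule, lan_wan, lan_wan2]
GENERAL_FIRST = [lan_wan2, mail_rule, lan_wan]  # broad rule shadows mail_rule

if __name__ == "__main__":
    for name, rules in [("MAIL_ONLY", MAIL_ONLY),
                        ("SPECIFIC_FIRST", SPECIFIC_FIRST),
                        ("GENERAL_FIRST", GENERAL_FIRST)]:
        for egress, src in [("WAN2", MAIL), ("WAN", MAIL), ("WAN", "10.18.8.50")]:
            print(f"{name:15} {src:12} via {egress:4} -> {translate(rules, egress, src)}")
```

A result of `None` means the packet would leave with its private source address. A rule bound to WAN2 only applies to traffic that routing actually sends out WAN2.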