UDP blocked - NAT reflection unable to connect over UDP
-
@horizon82 said in UDP blocked - NAT reflection unable to connect over UDP:
Simply because I wanted to see the differences.
There is no difference - when you switch from auto to manual, it takes all the auto rules and just converts them to manual. Manual then allows you to edit those or delete, etc.
While there might be some odd ball configs that would require manual mode. Normally you can just do hybrid, which is the best of both worlds. Allows you to do what you want, for say a vpn or something our outbound on other interfaces for source natting reasons. And still get auto nats added if you add more lan side interfaces, etc.
-
I understand hybrid is ideal however at the time I created my PIA VPN (many years ago) the instructions were to use manual outbound and copy the rules but make needed changes for the VPN. I've just stuck with that over the years onto my current config. Hence why I wanted to see the differences on a fresh install and compare to my own.
-
Thank you for talking with me along the way. Someone to discuss with provides much needed feedback on the route of frustration when things don't work.
-
@horizon82 said in UDP blocked - NAT reflection unable to connect over UDP:
the instructions were to use manual outbound
Yeah those instructions are sub optimal, and horrible advice.. And causes a lot of issues when users add new networks/vlans and don't understand why they don't work ;)
And users always fail to mentioned that they are even using a vpn or that their outbound was put into manual, and then come here asking why xyz doesn't work ;)
-
Well at least in my scenario the manual outbound and vpn had no impact. I specifically removed the vpn from the equation so that it wouldn't be an issue.
I just can't believe that the nat reflection requires the gateway to be set as default even if the chosen gateway is the default. Hopefully someone down the road finds this thread and it helps them.
-
@horizon82 said in UDP blocked - NAT reflection unable to connect over UDP:
manual outbound and vpn had no impact
It wouldn't have an impact unless you messed with them, or added another network and not an outbound nat and then wondered why it wasn't working ;)
Its just bad setup to switch to manual, and then create the nat required for the vpn, when you could just add the hybrid nat for the vpn..
I don't use nat reflection, since in my opinion its an abomination to all things networking ;) Now in some instances true it can be useful. When some client is is hard coded to use a public IP, or when it is using external dns and no way to have it use internal for whatever reason.
As to having to set a default gateway, might have to do with having a vpn setup which your pulling routes with and it gets set as the default gateway regardless of what might be shown in the gui.. Again more bad advice from the vpn providers - but then again they want you to send all traffic to them, not just the traffic you want to send.
