Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Pfsense not pinging correctly using VIPs in outbound NAT

    Scheduled Pinned Locked Moved NAT
    4 Posts 2 Posters 785 Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • P
      pacopito22
      last edited by

      65c23d89-9a46-4fd6-9d4c-6ed468824cb5-image.png
      As you can see above, for some reason when i try to ping to google using the virtual IP i made, it pings to the 8080 port instead of google. Any idea? I tried everything.. thanks in advice.

      V 1 Reply Last reply Reply Quote 0
      • V
        viragomann @pacopito22
        last edited by

        @pacopito22
        ❓

        The marked state shows a TCP connection to port 8080 from a LAN device, I guess.
        Ping uses ICMP protocol which only connects to IPs, not to ports.

        The ping you're talking about might be seen in the upper two lines. So you ping 8.8.8.8 from a LAN device and it uses 192.168.10.57 on WAN. Is this not correct?

        P 1 Reply Last reply Reply Quote 0
        • P
          pacopito22 @viragomann
          last edited by

          @viragomann
          Here are my nat rules etc..:
          05704366-003e-4fd5-b032-4fcd7a0f64d9-image.png
          3b8baf49-7dd7-4270-a652-541f5af7811d-image.png
          ca3635fb-a413-4a86-9dd8-ed927ee593ad-image.png
          0525c5d0-17aa-40e7-9fbe-eda0b9bc03d9-image.png
          6d619819-6032-4448-a1fb-f361b062b4c7-image.png
          097eb2fc-70a8-4d26-9dab-8312f392e002-image.png
          6efa48a5-157d-4fb0-8f91-f59c40351f31-image.png
          As you can see i did 2 VIP and for some reason the ping goes to the 8080 instead of just do a ping..

          V 1 Reply Last reply Reply Quote 0
          • V
            viragomann @pacopito22
            last edited by

            @pacopito22
            Yeah, agree. It should use the VIP on WAN.
            You should reboot pfSense after adding outbound NAT rules.
            Maybe it also helps to kill the states.

            But the ping is not going to port 8080. This is TCP protocol as the state table is showing. Ping uses ICMP.

            1 Reply Last reply Reply Quote 0
            • First post
              Last post
            Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.