• Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login
Netgate Discussion Forum
  • Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login

Accessing Port Forwards from Local Networks

Scheduled Pinned Locked Moved TNSR
4 Posts 3 Posters 895 Views
Loading More Posts
  • Oldest to Newest
  • Newest to Oldest
  • Most Votes
Reply
  • Reply as topic
Log in to reply
This topic has been deleted. Only users with topic management privileges can see it.
  • M
    matlear
    last edited by Sep 3, 2022, 10:31 AM

    Hello All,

    With TNSR on my 6100 I am having trouble Accessing Port Forwards from Local Networks.
    Does anybody know the configuration which should be applied?

    In pFsense it was quite easy to configure using the documentation:

    https://docs.netgate.com/pfsense/en/latest/recipes/port-forwards-from-local-networks.html

    But in TNSR I dont know where I should start to be honest, any help would be appreciated :)

    Attached is my conf.

    TNSR.zip

    G J 2 Replies Last reply Sep 4, 2022, 12:38 PM Reply Quote 0
    • G
      gabacho4 Rebel Alliance @matlear
      last edited by Sep 4, 2022, 12:38 PM

      @matlear according to the release notes for the latest version, known issue:

      Unable to establish NAT hairpin connection [8014]

      1 Reply Last reply Reply Quote 0
      • J
        johnpoz LAYER 8 Global Moderator @matlear
        last edited by johnpoz Sep 4, 2022, 12:57 PM Sep 4, 2022, 12:57 PM

        @matlear never been a fan of nat reflection, what is the scenario that you have/want to use it - can you not just use split dns setup to resolve your local resources to their local IP vs the public one?

        This a better solution to be honest.

        The only scenario that I see where nat reflection is only way is when the local client is forced to use external dns, say hard coded iot device or something - and for some reason this can not be redirected. Or the IP is hard coded into the client.. All of which are bad scenarios to have to work through.

        I find that quite often nat reflection just seems to be solution that the user is familiar with - vs just locally resolve some fqdn to the local IP in the first place.

        An intelligent man is sometimes forced to be drunk to spend time with his fools
        If you get confused: Listen to the Music Play
        Please don't Chat/PM me for help, unless mod related
        SG-4860 24.11 | Lab VMs 2.7.2, 24.11

        M 1 Reply Last reply Sep 6, 2022, 6:03 PM Reply Quote 0
        • M
          matlear @johnpoz
          last edited by matlear Sep 6, 2022, 6:05 PM Sep 6, 2022, 6:03 PM

          @johnpoz Actually quite a few of the proprietary VM's I run in my Lab depend on hairpin NAT to function correctly.
          Cisco Expressways - Poly DMA Edge - Audiocodes & Ribbon Session border controllers.
          Lack of hairpinning can be worked around but takes more effort :)
          Split DNS I agree is easier for domain name look up but some of the advance SIP signaling I use routes back in through the wan IP address.

          1 Reply Last reply Reply Quote 0
          3 out of 4
          • First post
            3/4
            Last post
          Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.
            This community forum collects and processes your personal information.
            consent.not_received