Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    NAT Internal Access

    NAT
    2
    5
    684
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • A
      Azazel 0
      last edited by

      Hi All,

      I am new to pfSense, so I am getting myself confused.

      I have created NAT rules to connect to my Synology NAS for the DS Camera app.

      That is working fine externally, but if I'm on the internal network, it doesn't work.

      I have had no-ip setup for DDNS for a long time now, and this was working perfectly when I was using a unifi USG.

      I'm just not sure what I'm doing wrong or missing.

      V 1 Reply Last reply Reply Quote 0
      • V
        viragomann @Azazel 0
        last edited by

        @azazel-0
        If you are using an internal DNS like the Resolver on pfSense, add a host override for your public host name.

        A 1 Reply Last reply Reply Quote 0
        • A
          Azazel 0 @viragomann
          last edited by

          @viragomann
          nslookup shows it resolving to the internal IP

          But when I try my port forwarding internally, it doesn't respond

          Here are some screenshots which might help

          321 is just an example for the external source port

          6aa57331-34c8-433a-8be3-7f15a575964c-image.png
          7dad9a28-0f74-49d2-bbfb-b3e972edff5e-image.png
          6e54ecf8-45ec-4998-8b7f-5cc8099feadf-image.png

          V 1 Reply Last reply Reply Quote 0
          • V
            viragomann @Azazel 0
            last edited by

            @azazel-0 said in NAT Internal Access:

            321 is just an example for the external source port

            You're possibly meaning the destination port.

            Do you a port translation in the NAT rule to access this server from outside?
            Consider that a host overrides does no port translation and you cannot do it on pfSense without SNAT if both, client and server are within the same network segment.

            Also consider that you have to add proper firewall rules for allowing the traffic in the case that the access has to pass pfSense.

            A 1 Reply Last reply Reply Quote 0
            • A
              Azazel 0 @viragomann
              last edited by

              @viragomann
              I did some further testing and found that it was pfBlockerNG which was causing the issue.

              I'll have a look at my settings in it later today.

              Thanks for your help 😃

              1 Reply Last reply Reply Quote 0
              • First post
                Last post
              Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.