Netgate Discussion Forum

Routing from BGP Network out through NAT

Routing and Multi WAN
6 Posts 2 Posters 943 Views
  • C
    ComputingDon
    last edited by Apr 12, 2023, 2:35 PM

    Currently running a Nested NSX-T instance connecting BGP to pfSense. All of my networks that are not using BGP route out through the pfSense NAT with no problems. Routing from the BGP networks to the other networks works with no issues.
    When attempting to exit through the NAT from the BGP networks, though, the traffic stops at the pfSense interface. I saw traffic being blocked from the ESX hosts by the default rule and created a rule, and I no longer see any blocked traffic for the ESX hosts, but the traffic still stops at the pfSense interface. I'm not sure where to look for better insight or if there is a known solution to get the BGP networks to route out of the pfSense through the WAN interface.

    • D
      Derelict LAYER 8 Netgate @ComputingDon
      last edited by Apr 12, 2023, 10:30 PM

      @computingdon Are the source networks of the downstream routes matched in Firewall > NAT, Outbound so they get outbound NAT treatment?

      Chattanooga, Tennessee, USA
      A comprehensive network diagram is worth 10,000 words and 15 conference calls.
      DO NOT set a source address/port in a port forward or firewall rule unless you KNOW you need it!
      Do Not Chat For Help! NO_WAN_EGRESS(TM)

      • C
        ComputingDon @Derelict
        last edited by Apr 13, 2023, 3:57 PM

        @derelict Yes, the traffic reaches a .251.x network that is on the firewall and that is on the outbound NAT list.

        • D
          Derelict LAYER 8 Netgate @ComputingDon
          last edited by Apr 14, 2023, 6:31 PM

          @computingdon Then it will get outbound NAT.

          • C
            ComputingDon @Derelict
            last edited by Apr 14, 2023, 6:34 PM

            @derelict And it isn't though. The traffic stops at the pfSense interface and doesn't leave.

            • D
              Derelict LAYER 8 Netgate @ComputingDon
              last edited by Apr 14, 2023, 7:43 PM

              @computingdon You'll need to post details. The source address of the connection, the route back to it, the firewall rules passing that traffic when it enters pfSense, and the outbound NAT rules.

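Added example, not part of any post in this thread: one way to check the question raised above, whether every source network learned from the downstream router is matched by an outbound NAT rule. The interface name `em0`, all addresses and prefixes, and the function names are constructed for illustration; the rule lines follow pf `nat on ... from ... to ...` syntax.

```python
import ipaddress
import re

# Constructed sample data (private and documentation ranges, not from the thread).
# Outbound NAT rules in pf rule syntax; only the source network matters here.
NAT_RULES = """\
nat on em0 inet from 127.0.0.0/8 to any -> 203.0.113.10 port 1024:65535
nat on em0 inet from 192.168.10.0/24 to any -> 203.0.113.10 port 1024:65535
nat on em0 inet from 10.251.0.0/24 to any -> 203.0.113.10 port 1024:65535
"""
# Prefixes learned over BGP from the downstream router (constructed).
BGP_PREFIXES = ["10.251.0.0/24", "172.16.20.0/24", "172.16.30.0/23"]

SRC_RE = re.compile(r"^nat on \S+ .*?\bfrom (\S+) to ")


def nat_sources(rules_text):
    """Extract source networks from 'nat on ... from <src> to ...' lines."""
    nets = []
    for line in rules_text.splitlines():
        m = SRC_RE.match(line.strip())
        if not m:
            continue
        if m.group(1) == "any":  # 'any' matches every source address
            nets += [ipaddress.ip_network("0.0.0.0/0"), ipaddress.ip_network("::/0")]
            continue
        try:
            nets.append(ipaddress.ip_network(m.group(1), strict=False))
        except ValueError:
            pass  # table or alias names are not resolved in this sketch
    return nets


def uncovered(prefixes, sources):
    """Return learned prefixes that no single NAT source network fully contains."""
    missing = []
    for p in prefixes:
        net = ipaddress.ip_network(p, strict=False)
        # A prefix only partly inside a NAT source still counts as uncovered.
        if not any(net.version == s.version and net.subnet_of(s) for s in sources):
            missing.append(str(net))
    return missing


if __name__ == "__main__":
    for prefix in uncovered(BGP_PREFIXES, nat_sources(NAT_RULES)):
        print(f"no outbound NAT rule covers source network {prefix}")
```

In this constructed data the transit network is on the NAT list while the two prefixes behind it are not, so connections sourced from those prefixes would not be translated.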