1 to 1 NAT problem
-
problem with nat 1 to 1 hangs and only remove and add again restores operation ;) . the problem appeared 2 weeks ago on CE and + at the same time.
-
@tkolaski Define "hangs"? CE 2.6 and Plus 23.01 are different OSs. Are these on the same ISP connection? Perhaps some sort of ARP problem? Did you power off the ISP router?
We use 1:1 in our office on 23.01 for all our clients' PCs to connect in to us every few minutes and have had no issues.
-
Try to adjust the Optimization Latency settings see if that helps. I had my WAN connection keep going down with my DSL because the time is somewhat slowed in the firewall with the Snort, Squid, Squidguard, DNS resolver, ACL lists etc. High Latency stopped all the offline issues.
-
@steveits una
no access from outside the lan, can't ping addresses outside the lan - after turning off the 1:1 mapping, the ping returns - but for it to work you need to remove 1:1, port forward and virtualip and add it again.2.6.0-RELEASE (amd64)
built on Mon Jan 31 19:57:53 UTC 2022
FreeBSD 12.3-STABLE
&
22.05-RELEASE (amd64)
built on Wed Jun 22 18:56:13 UTC 2022
FreeBSD 12.3-STABLEstrange it happened at the same time in other companies - other ISPs
-
@tkolaski When the 1:1 computer isn't working, the rest of the LAN has access via the default WAN IP? Or no one has access?
-
yes only the 1:1 computer has no access - it is a web server
-
@tkolaski Vague guess, maybe something in the outbound NAT? 1:1 should define its own outbound NAT rules so you shouldn't need to set up anything in outbound NAT.
Could anything else on the WAN side of pfSense be using that IP?