1:1 NAT / Port forward not working since 23.01
-
I'm experiencing an issue with our network setup using the Netgate 2100 v23.01 and 23.05. We have been using this setup for a year with various Netgates, but now I can't get it to work with the new version of pfSense. The LAN network has IPs in the range of 192.168.1.0/24, and I want to access it from a VPN using a different subnet to avoid IP conflicts.
To achieve this, I have set up a routing rule: 10.0.0.0/24 --> LAN_GW, and then a 1:1 NAT on the LAN interface with an external IP of 10.0.0.0 and an internal IP of 192.168.1.0/24. This configuration was working fine with version 22.05 of pfSense. However, with the packet capture feature, I can see that the traffic is trying to reach 10.0.0.0/24 on the LAN instead of 192.168.1.0/24 (ARP, Request who-has 10.0.0.101 tell 192.168.1.1, length 28).
The same issue occurs when I ping from the VPN or from the Netgate itself. It appears that the traffic originating from the Netgate is no longer being translated.
Here are the configurations that were working on pfSense 22.05:
System → Routing → Gateways: Added a gateway with IP 192.168.1.1 on the LAN interface.
System → Routing → Static Routes: Added a route with network 10.0.0.0/24 and gateway 192.168.1.1.
Firewall → NAT → 1:1: Added a mapping in the LAN interface with external IP 10.0.0.0 and internal IP LAN net.
System → Advanced → Firewall & NAT:
- NAT Reflection: Pure NAT
- NAT Reflection for 1:1 NAT: Checked
- Enable automatic outbound NAT for Reflection: Checked
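An added example, not part of the original post: a small Python check that scans tcpdump-style capture lines from the LAN side for ARP requests still aimed at the 1:1 external range, and reports the internal address the mapping should have produced. The two subnets and the first sample line come from the post; the function names and the other sample lines are constructed for illustration.

```python
import ipaddress
import re

# Values from the post: 1:1 NAT external 10.0.0.0/24 <-> internal 192.168.1.0/24.
EXTERNAL = ipaddress.ip_network("10.0.0.0/24")
INTERNAL = ipaddress.ip_network("192.168.1.0/24")

# Matches tcpdump's numeric ARP request format, as quoted in the post.
ARP_RE = re.compile(r"ARP, Request who-has (\S+) tell (\S+?),")

def translate(addr, src_net=EXTERNAL, dst_net=INTERNAL):
    """Map an address across a 1:1 subnet NAT by keeping its host bits."""
    ip = ipaddress.ip_address(addr)
    if ip not in src_net:
        raise ValueError(f"{ip} is not inside {src_net}")
    offset = int(ip) - int(src_net.network_address)
    return dst_net.network_address + offset

def find_untranslated(capture_lines):
    """Return (line, seen_target, expected_target) for ARP requests whose
    target is still in the external range, i.e. the 1:1 NAT was not applied."""
    findings = []
    for line in capture_lines:
        m = ARP_RE.search(line)
        if not m:
            continue
        try:
            target = ipaddress.ip_address(m.group(1))
        except ValueError:
            continue  # hostname or malformed field: not a numeric capture line
        if target in EXTERNAL:
            findings.append((line, str(target), str(translate(target))))
    return findings

# Constructed sample capture; only the first line's text appears in the post.
SAMPLE = [
    "ARP, Request who-has 10.0.0.101 tell 192.168.1.1, length 28",
    "ARP, Request who-has 192.168.1.101 tell 192.168.1.1, length 28",
    "IP 192.168.1.1 > 192.168.1.101: ICMP echo request, id 1, seq 1, length 64",
]

if __name__ == "__main__":
    for line, seen, expected in find_untranslated(SAMPLE):
        print(f"untranslated: saw {seen}, expected {expected} :: {line}")
```

Running the same check against captures from a 22.05 box and a 23.01 box makes the regression visible as a difference in findings rather than a line-by-line read of the capture.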
-
@Robovic I am having the same issue