Netgate Discussion Forum

    Dual Wan Nat Outbound pfsense 2.7 stopped working

      gmadeira

      Hello,

      I have a setup where the pfSense is connected to two WANs (each on its own interface).
      I have several services (SMTP, HTTP) that are NATed to internal hosts.
      In pfSense 2.6, when the connection came from the secondary WAN it would go out through the same interface.
      But since I upgraded to version 2.7, the packets always go out through the main WAN interface, causing the connection not to work.

      I didn't change any configuration after the upgrade.
      I'm using Automatic outbound NAT mode.

      Can you help troubleshoot this or provide insight on what may have to be changed?

      Thanks in advance.

        viragomann @gmadeira

        @gmadeira said in Dual Wan Nat Outbound pfsense 2.7 stopped working:

        I have several services (SMTP, HTTP) that are NATed to internal hosts.

        Ensure that there is a firewall pass rule on the respective WAN interface matching the incoming traffic. E.g. if you select "associated filter rule" in the NAT rule, a proper rule is created.

        However, also ensure that there is no pass rule on an interface group or a floating rule matching the forwarded incoming traffic.

        If you're unsure that the proper interface rule matches, enable logging in all pass rules and check the firewall log after a connection attempt.

        Basically this behavior didn't change in 2.7 though.

          gmadeira @viragomann

          @viragomann, thank you.

          It was indeed a floating firewall rule that was causing the problem.

          After disabling it, all is working as expected again.

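The check suggested in the reply (no floating or interface-group pass rule matching the forwarded traffic) can be run against an exported configuration; the following is an added example, not code from the thread or from pfSense. It assumes the config.xml element names used in the constructed sample below, and it only lists candidates to review: aliases, port ranges, rule direction and the quick flag are not evaluated.

```python
import xml.etree.ElementTree as ET

# Constructed sample in the assumed pfSense config.xml layout (not from the thread).
SAMPLE = """<pfsense>
  <ifgroups><ifgroupentry><ifname>WANS</ifname><members>wan opt1</members></ifgroupentry></ifgroups>
  <nat>
    <rule><interface>opt1</interface><target>192.168.1.10</target><local-port>25</local-port></rule>
    <rule><interface>opt1</interface><target>192.168.1.20</target><local-port>80</local-port></rule>
  </nat>
  <filter>
    <rule><type>pass</type><interface>opt1</interface><descr>NAT SMTP</descr>
      <destination><address>192.168.1.10</address><port>25</port></destination></rule>
    <rule><type>pass</type><interface>wan,opt1</interface><floating>yes</floating>
      <descr>allow mail</descr><destination><any/></destination></rule>
    <rule><type>pass</type><interface>WANS</interface><descr>group web</descr>
      <destination><address>192.168.1.20</address><port>80</port></destination></rule>
    <rule><type>pass</type><interface>wan</interface><floating>yes</floating><disabled/>
      <descr>old floating</descr><destination><any/></destination></rule>
  </filter>
</pfsense>"""

def risky_pass_rules(config_xml):
    """Return (descr, kind, target) for enabled floating or interface-group
    pass rules whose destination covers a port-forward target."""
    root = ET.fromstring(config_xml)
    groups = {g.findtext("ifname") for g in root.iter("ifgroupentry")}
    forwards = [(n.findtext("target"), n.findtext("local-port"))
                for n in root.findall("./nat/rule")]
    hits = []
    for r in root.findall("./filter/rule"):
        if r.findtext("type") != "pass" or r.find("disabled") is not None:
            continue
        ifaces = set((r.findtext("interface") or "").split(","))
        if r.find("floating") is not None:
            kind = "floating"
        elif ifaces & groups:
            kind = "interface group"
        else:
            continue  # ordinary per-interface rule: the kind the reply asks for
        dst = r.find("destination")
        if dst is None:
            continue
        for target, port in forwards:
            addr_ok = dst.find("any") is not None or dst.findtext("address") == target
            port_ok = dst.findtext("port") in (None, port)
            if addr_ok and port_ok:
                hits.append((r.findtext("descr"), kind, target))
    return hits
```

Each returned rule is one to log or temporarily disable while testing a connection through the secondary WAN, as was done in the thread.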
          Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.