Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Double Nat, No tcp connections

    NAT
    2
    3
    119
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • P
      plankton45
      last edited by

      I have pfsense on a vm for a home lab. It is behind another router from my isp. I am able to ping internet hosts from devices on the pfsense lan. I also verified that routes are working. DNS is also working well from these clients through the firewall and isp.

      Tcp connections don't work though. I think it has something to do with the stateful nature of the system. I tried disabling those rules to block bogon and private networks but the problem persists.

      Anyone familiar with this?

      V 1 Reply Last reply Reply Quote 0
      • V
        viragomann @plankton45
        last edited by

        @plankton45
        I suspect, the LAN behind pfSense is not fully isolated from the network on the WAN side.

        Ensure that nothing else than pfSense has an interface in both networks. This also applies to the virtualization host.

        1 Reply Last reply Reply Quote 0
        • P
          plankton45
          last edited by

          @viragomann
          Thanks for the suggestion. I'm using an XCP-NG host. Just found some documentation that explains how to install xen tools and the removal of tx checksum offloading. Not sure which did it, I suspect the latter.

          https://docs.xcp-ng.org/guides/pfsense/

          Issue resolved.

          1 Reply Last reply Reply Quote 0
          • First post
            Last post
          Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.