• Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login
Netgate Discussion Forum
  • Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login

Problem NAT 1:1 on VMWARE!

Scheduled Pinned Locked Moved NAT
13 Posts 2 Posters 5.5k Views
Loading More Posts
  • Oldest to Newest
  • Newest to Oldest
  • Most Votes
Reply
  • Reply as topic
Log in to reply
This topic has been deleted. Only users with topic management privileges can see it.
  • P
    pfsensevietnam
    last edited by Jul 7, 2010, 1:04 PM

    I have installed Pfsense 1.2.3 on Vmware machine!

    • Pfsense box:
      WAN ADDRESS: 192.168.3.130/24
      LAN ADDRESS : 10.0.0.1/8
    • pc on lan:
      ADDRESS: 10.0.0.2/8

    I disabled NAT Reflection,Block private networks on Pfsense!
    I create VIP type PARP has address 192.168.3.117
    when I NAT 1:1 to map ip 192.168.3.117 to 10.0.0.2 it not working correctly!
    Anyone can help me solve this problem?
    Thanks!

    1 Reply Last reply Reply Quote 0
    • G
      GruensFroeschli
      last edited by Jul 7, 2010, 1:07 PM

      What do you mean "it is not working correctly"?

      what do you expect,
      what do you get,
      how do you test,
      etc.

      We do what we must, because we can.

      Asking questions the smart way: http://www.catb.org/esr/faqs/smart-questions.html

      1 Reply Last reply Reply Quote 0
      • P
        pfsensevietnam
        last edited by Jul 7, 2010, 1:09 PM

        I access port 80 to VIP 192.168.3.117 from WAN! But i can not connect to this port!
        When I use port forwarding I can connect!

        1 Reply Last reply Reply Quote 0
        • G
          GruensFroeschli
          last edited by Jul 7, 2010, 1:11 PM

          Is the pfSense WebGUI port on port80?
          Did you create a firewall rule allowing traffic in?
          Is the service behind the pfSense actually running?
          Did you test with another computer from the WAN side (not from the LAN side)?

          We do what we must, because we can.

          Asking questions the smart way: http://www.catb.org/esr/faqs/smart-questions.html

          1 Reply Last reply Reply Quote 0
          • P
            pfsensevietnam
            last edited by Jul 7, 2010, 1:14 PM

            Pfsense WebGUI port 80 on IP 192.168.3.130
            I tested from another computer on WAN!
            I created firewall rule allow all to IP 192.168.3.130 on WAN Interface and rule allow all to ip 10.0.0.2 on LAN interface!

            1 Reply Last reply Reply Quote 0
            • G
              GruensFroeschli
              last edited by Jul 7, 2010, 1:21 PM

              This is wrong.
              Delete the rule on the LAN interface.
              It does nothing.

              You need a single rule on the WAN:
              Allow, TCP, source: any, source-port:any, destination:10.0.0.2, destination-port:80

              We do what we must, because we can.

              Asking questions the smart way: http://www.catb.org/esr/faqs/smart-questions.html

              1 Reply Last reply Reply Quote 0
              • P
                pfsensevietnam
                last edited by Jul 7, 2010, 2:57 PM Jul 7, 2010, 1:43 PM

                Yes! This is wrong and I solved the problem for PARP . Thank you very much!
                Take problem when I change from PARP to CARP. I can not connect to port 80 at VIP 192.168.3.117!Firewall rule are same!

                Can you help me to solve it?
                Thanks!

                1 Reply Last reply Reply Quote 0
                • G
                  GruensFroeschli
                  last edited by Jul 7, 2010, 1:51 PM

                  Did you read the note next to the field where you enter the IP of the VIP?
                  PARP and CARP VIPs are different in the way you enter them in the GUI.
                  You actually have to enter the IP to which you want to create the VIP.

                  We do what we must, because we can.

                  Asking questions the smart way: http://www.catb.org/esr/faqs/smart-questions.html

                  1 Reply Last reply Reply Quote 0
                  • P
                    pfsensevietnam
                    last edited by Jul 7, 2010, 1:56 PM

                    I have changed it!

                    If this is wrong, you can example value I must enter?
                    Thanks!

                    1 Reply Last reply Reply Quote 0
                    • G
                      GruensFroeschli
                      last edited by Jul 7, 2010, 2:05 PM

                      Now you only have to set the correct subnet-mask.
                      From your first post, this is /24.

                      We do what we must, because we can.

                      Asking questions the smart way: http://www.catb.org/esr/faqs/smart-questions.html

                      1 Reply Last reply Reply Quote 0
                      • P
                        pfsensevietnam
                        last edited by Jul 7, 2010, 2:14 PM Jul 7, 2010, 2:12 PM

                        Yes, I set to /24

                        The problem still appear! :(
                        I can not connect to port 80 from WAN!
                        I from LAN pc I ping to internet address 8.8.8.8 I lost 75% packets!
                        Router address of WAN Interface of Pfsense is 192.168.3.254

                        1 Reply Last reply Reply Quote 0
                        • P
                          pfsensevietnam
                          last edited by Jul 7, 2010, 2:56 PM Jul 7, 2010, 2:52 PM

                          And Pfsense screen output:

                          At Lan PC ping to the internet:

                          I used Vmware workstation 7.0.1!
                          Can you help me to solve this problem!
                          Thanks!

                          1 Reply Last reply Reply Quote 0
                          • P
                            pfsensevietnam
                            last edited by Jul 7, 2010, 4:23 PM

                            This problem happen because ethernet device in virtual machine can not enable promiscous mode! :D

                            1 Reply Last reply Reply Quote 0
                            13 out of 13
                            • First post
                              13/13
                              Last post
                            Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.
                              This community forum collects and processes your personal information.
                              consent.not_received