Navigation

    Netgate Discussion Forum
    • Register
    • Login
    • Search
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search

    Problem NAT 1:1 on VMWARE!

    NAT
    2
    13
    5139
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • P
      pfsensevietnam last edited by

      I have installed Pfsense 1.2.3 on Vmware machine!

      • Pfsense box:
        WAN ADDRESS: 192.168.3.130/24
        LAN ADDRESS : 10.0.0.1/8
      • pc on lan:
        ADDRESS: 10.0.0.2/8

      I disabled NAT Reflection,Block private networks on Pfsense!
      I create VIP type PARP has address 192.168.3.117
      when I NAT 1:1 to map ip 192.168.3.117 to 10.0.0.2 it not working correctly!
      Anyone can help me solve this problem?
      Thanks!

      1 Reply Last reply Reply Quote 0
      • GruensFroeschli
        GruensFroeschli last edited by

        What do you mean "it is not working correctly"?

        what do you expect,
        what do you get,
        how do you test,
        etc.

        We do what we must, because we can.

        Asking questions the smart way: http://www.catb.org/esr/faqs/smart-questions.html

        1 Reply Last reply Reply Quote 0
        • P
          pfsensevietnam last edited by

          I access port 80 to VIP 192.168.3.117 from WAN! But i can not connect to this port!
          When I use port forwarding I can connect!

          1 Reply Last reply Reply Quote 0
          • GruensFroeschli
            GruensFroeschli last edited by

            Is the pfSense WebGUI port on port80?
            Did you create a firewall rule allowing traffic in?
            Is the service behind the pfSense actually running?
            Did you test with another computer from the WAN side (not from the LAN side)?

            We do what we must, because we can.

            Asking questions the smart way: http://www.catb.org/esr/faqs/smart-questions.html

            1 Reply Last reply Reply Quote 0
            • P
              pfsensevietnam last edited by

              Pfsense WebGUI port 80 on IP 192.168.3.130
              I tested from another computer on WAN!
              I created firewall rule allow all to IP 192.168.3.130 on WAN Interface and rule allow all to ip 10.0.0.2 on LAN interface!

              1 Reply Last reply Reply Quote 0
              • GruensFroeschli
                GruensFroeschli last edited by

                This is wrong.
                Delete the rule on the LAN interface.
                It does nothing.

                You need a single rule on the WAN:
                Allow, TCP, source: any, source-port:any, destination:10.0.0.2, destination-port:80

                We do what we must, because we can.

                Asking questions the smart way: http://www.catb.org/esr/faqs/smart-questions.html

                1 Reply Last reply Reply Quote 0
                • P
                  pfsensevietnam last edited by

                  Yes! This is wrong and I solved the problem for PARP . Thank you very much!
                  Take problem when I change from PARP to CARP. I can not connect to port 80 at VIP 192.168.3.117!Firewall rule are same!

                  Can you help me to solve it?
                  Thanks!

                  1 Reply Last reply Reply Quote 0
                  • GruensFroeschli
                    GruensFroeschli last edited by

                    Did you read the note next to the field where you enter the IP of the VIP?
                    PARP and CARP VIPs are different in the way you enter them in the GUI.
                    You actually have to enter the IP to which you want to create the VIP.

                    We do what we must, because we can.

                    Asking questions the smart way: http://www.catb.org/esr/faqs/smart-questions.html

                    1 Reply Last reply Reply Quote 0
                    • P
                      pfsensevietnam last edited by

                      I have changed it!

                      If this is wrong, you can example value I must enter?
                      Thanks!

                      1 Reply Last reply Reply Quote 0
                      • GruensFroeschli
                        GruensFroeschli last edited by

                        Now you only have to set the correct subnet-mask.
                        From your first post, this is /24.

                        We do what we must, because we can.

                        Asking questions the smart way: http://www.catb.org/esr/faqs/smart-questions.html

                        1 Reply Last reply Reply Quote 0
                        • P
                          pfsensevietnam last edited by

                          Yes, I set to /24

                          The problem still appear! :(
                          I can not connect to port 80 from WAN!
                          I from LAN pc I ping to internet address 8.8.8.8 I lost 75% packets!
                          Router address of WAN Interface of Pfsense is 192.168.3.254

                          1 Reply Last reply Reply Quote 0
                          • P
                            pfsensevietnam last edited by

                            And Pfsense screen output:

                            At Lan PC ping to the internet:

                            I used Vmware workstation 7.0.1!
                            Can you help me to solve this problem!
                            Thanks!

                            1 Reply Last reply Reply Quote 0
                            • P
                              pfsensevietnam last edited by

                              This problem happen because ethernet device in virtual machine can not enable promiscous mode! :D

                              1 Reply Last reply Reply Quote 0
                              • First post
                                Last post