2.0 Problem with 1:1 / NAT Reflection / need help or suggestions please

  • Current setup is WAN (.157) and LAN interface.

    WAN has a Virtual IP of .158.

    Have set 1:1 NAT to point .158 to an internal address.

    Have rules on the WAN interface allowing access to port 443 for .158 -> internal IP.

    Have NO/zero NAT Port Forwards set up.

    Outside users can connect to .158 and get the internal web server.

    When internal users try to hit the external IP, pfSense apparently is redirecting the request correctly. The firewall log shows a connection from user1 to with TCP:S. If we review the web server log, it shows a connection from the IP address of the FIREWALL, not the user1 IP address.

    Then the connection never goes any further.

    I have UNCHECKED
      -> NAT
          -> Disable NAT Reflection for port forwards

    I have UNCHECKED
      -> NAT
          -> Disable NAT Reflection for 1:1 NAT

    I have CHECKED
      -> NAT
          -> Automatically create outbound NAT rules which assist inbound NAT rules that direct traffic back out to the same subnet it originated from.

    I have tried deleting the 1:1 NAT to see if it would "create" the outbound NAT rules automatically.  No dice.  I've tried rebooting different times in between steps.  No dice.

    I don't know what to check or how to proceed further with this.

    What am I missing, what can I change, or how can I further debug this?


    Download the snapshot from 18 Jan 02:47.

    It was the first beta that worked for me regarding NAT reflection.

