Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    1:1 NAT and ping

    Scheduled Pinned Locked Moved NAT
    6 Posts 3 Posters 2.6k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • Z
      zinder
      last edited by

      I need to open a connection from the WAN to a specific device on the LAN. Almost everything works and according to what I have read, ping should also work.

      I have a VIP for a second public IP address x.x.x.20 from my ISP. Originally, it was set to Proxy ARP, but I changed it to CARP. I have a 1:1 NAT from .20 to my internal device 192.168.1.201. Currently, the internal device is a PC I am using for testing. I created a WAN rule of * * * 192.168.1.201 * *. This should open everything. I put a FTP server on the test PC. I can access it. So stuff is being forwarded. But I can't ping .20. I tried adding a second rule ICMP * * 192.168.1.201 * *, but that didn't help. I have the log on for the above rules. I can see the FTP in the log, but nothing from the ping. I read that ping only works with CARP, so I changed to that. Do I need to reboot pfsense? There is a Cisco box provided by the ISP. Could that be the problem? Could it be blocking ping? It is supposed to be configured as a pass through or bridge device.

      BTW: I can ping the test PC from within the LAN.

      Thanks
      David

      1 Reply Last reply Reply Quote 0
      • Cry HavokC
        Cry Havok
        last edited by

        What version of pfSense are you running?  This thread may be relevant.

        1 Reply Last reply Reply Quote 0
        • Z
          zinder
          last edited by

          Sorry. Forgot about that. Release 1.2.3.

          David

          1 Reply Last reply Reply Quote 0
          • Z
            zinder
            last edited by

            Cry Havok,

            I read your reference post. I require ping to work because it is a requirement from the group that I support. They use ping as a connectivity test. Its their standard and I have no control.

            David

            1 Reply Last reply Reply Quote 0
            • jimpJ
              jimp Rebel Alliance Developer Netgate
              last edited by

              Have you disabled any local client firewall on that PC? Windows Vista/7 block ping from outside their subnet by default, iirc.

              Remember: Upvote with the 👍 button for any user/post you find to be helpful, informative, or deserving of recognition!

              Need help fast? Netgate Global Support!

              Do not Chat/PM for help!

              1 Reply Last reply Reply Quote 0
              • Z
                zinder
                last edited by

                As I suspected, my ISP is blocking ping. Thanks for the help.

                David

                1 Reply Last reply Reply Quote 0
                • First post
                  Last post
                Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.