Pfsense 2 NAT issue
-
Hi
I'm having a couple of issues setting up what should be a relatively simple NAT setup on pfSense 2.
I have one main WAN address, 1.1.1.1.
I then have a block of 16 IPs that come in on 1.1.2.2/1.1.2.3 etc etc
I have the following LANS -
10.0.0.0 (main lan)
10.1.1.1 (other lan)
10.2.2.2 (DMZ lan)
I'm trying to do 1:1 NAT on my external IPs to the second LAN. I've added in my external IPs as Virtual IPs, I've done a 1:1 NAT from 1.1.2.2 to 10.1.1.50. Once that is active I can then ping the external IP.
I put a firewall rule in to allow all TCP traffic for testing. When I scan the external IP from an external connection using nmap it shows the usual Windows IIS ports open…however I cannot access port 80 at all...
Is there something simple I'm missing here?
Thanks in advance
evano
-
I should add that nmap shows the ports that are opened are in a filtered state…
-
Where did you do your scan from?
Actually from the outside or from within your network?
Then this would apply: http://doc.pfsense.org/index.php/Why_can%27t_I_access_forwarded_ports_on_my_WAN_IP_from_my_LAN/OPTx_networks%3F
-
I am definitely scanning the network from an external network…I have NAT reflection turned on in pfSense 2 regardless...
cheers
evano
-
Could you show a screenshot of your firewall rules?
-
www alias is set for LAN client 10.0.0.50
wwwports alias is ports 80 and 443
NAT is a 1:1 mapping from external IP (removed from screenshot) to internal LAN IP
Virtual IP has also been set up…
thanks for the assistance
-
OK, sorry for the fuss, turns out my ISP was blocking port 80 DESPITE having a high level business connection!
An FYI for the future: if nmap shows your ports as being filtered, this could be a result of ISP level port blocking!
thanks for the help! :-)
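-
Added example (not part of any post in this thread): a small script that compares an outside nmap scan of the 1:1 NAT address with a scan of the internal host taken from its own LAN, to show which ports are answered inside but silently dropped somewhere on the path. The two scan lines are constructed samples in nmap's grepable (`-oG`) format using the thread's placeholder addresses; the function names and hint texts are illustrative.

```python
import re

# Constructed sample lines in nmap grepable (-oG) format, not real scan output.
EXTERNAL_SCAN = ("Host: 1.1.2.2 ()\tPorts: 80/filtered/tcp//http///, "
                 "443/open/tcp//https///, 3389/closed/tcp//ms-wbt-server///")
INTERNAL_SCAN = ("Host: 10.1.1.50 ()\tPorts: 80/open/tcp//http///, "
                 "443/open/tcp//https///, 3389/closed/tcp//ms-wbt-server///")


def parse_ports(line):
    """Return {port: state} from the 'Ports:' field of one -oG host line."""
    match = re.search(r"Ports:\s*(.*?)(?:\t|$)", line)
    if not match:
        return {}
    ports = {}
    for entry in match.group(1).split(","):
        fields = entry.strip().split("/")  # port/state/protocol/owner/service/...
        if len(fields) >= 3 and fields[0].isdigit():
            ports[int(fields[0])] = fields[1]
    return ports


def compare(external, internal):
    """Explain each port that is open on the LAN side by its outside state."""
    findings = {}
    for port, inside in sorted(internal.items()):
        if inside != "open":
            continue  # service is not listening; nothing to forward
        outside = external.get(port, "not scanned")
        if outside == "open":
            findings[port] = "reachable"
        elif outside == "filtered":
            # nmap saw no reply (or an ICMP unreachable): a packet filter on the
            # path is dropping the probe. Check WAN rules, then upstream/ISP.
            findings[port] = "dropped in path: check WAN rules, then upstream/ISP"
        elif outside == "closed":
            # A TCP RST came back, so something answered but refused.
            findings[port] = "reset returned: check NAT target and reject rules"
        else:
            findings[port] = "outside state: " + outside
    return findings


if __name__ == "__main__":
    result = compare(parse_ports(EXTERNAL_SCAN), parse_ports(INTERNAL_SCAN))
    for port, hint in result.items():
        print(port, hint)
```

If a port is reported as dropped while the pfSense WAN rule for it shows no matching hits, the probe never reached the firewall, which is the ISP-blocking case described in the last post.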