Pfsense 2 NAT issue

  • Hi

    I'm having a couple of issues setting up what should be a relatively simple NAT setup on pfsense 2

    I have one main WAN address

    I then have a block of 16 IP's that come in on etc etc

    I have the following LANS - (main lan) (other lan) (DMZ lan)

    I'm trying to do 1:1 NAT on my external IP's to the second LAN.  I've added in my external IP's as Virtual IP's, I've done a 1:1 nat from to  Once that is active I can then ping the external IP.

    I put a firewall rule in to allow all TCP traffic for testing.  When I scan the external IP from and external connection using nmap it shows the usual windows IIS ports open…however I cannot access port 80 at all...

    Is there something simple I'm missing here?

    Thanks in advance


  • i should add that nmap shows the ports that are opened are in a filtered state…

  • Where did you do your scan from?
    Actually from the outside or from within your network?
    Then this would apply:'t_I_access_forwarded_ports_on_my_WAN_IP_from_my_LAN/OPTx_networks%3F

  • I am defiantly scanning the network from an external network…i have NAT reflection turned on in pfsense 2 regardless...



  • Could you show a screenshot of your firewall rules?

  • www alias is set for LAN client
    wwwports alias is ports 80 and 443

    nat is a 1:1 mapping from external IP (removed from screenshot) to internal LAN IP

    Virtual IP has also been setup…

    thanks for the assistance

  • ok, sorry for the fuss, turns out my ISP was blocking port 80 DESPITE having a high level business connection!

    a FYI for the future if nmap shows your ports as being filtered this could be as a result of ISP level port blocking!

    thanks for the help! :-)

Log in to reply