SOLVED : accessing internal network from wan side
-
Is your WAN VIP part of the original WAN subnet? If not CARP won't be an option here.
-
yes
my main internet IP adress is 134.214.116.244 /22 … in the same range -
so ? it is a bugg ?
-
I don't have the possibility to test atm. It used to work.
-
i moved my LAN network from 192.168.10.0/24 to 134.214.0.0/22
now i can use CRAP for virtual IP but i still cannot ping VIP from outside.
but now i can ping them from pfsense LAN side …. strange !!
looks like NAT 1:1 working in 1 way
-
ICMP is not natted You have to allow icmp to your wan vip. Btw, it's CARP and not CRAP ;)
-
already done, but still not working
-
hi,
I have downgrade to 1.0.1 release (29 october) and i have configured again CARP VIP, NAT and Rules … and it works ! I can ping VIP from outside.
i have add 3 others nated VIP, and reboot... now it dosen't work again and impossible to get it working !
firewall logs dosen't show any blocked ICMP to VIP or nated IPStrange !! ?
-
I am using now 15/03 snapshot … and VIP are not pingeable from outside !!
-
It works now with the latest snapshot (23-03-2007) !!
but any chance to have a NAT 1:1 with apple talk compatibility ?