4. Very Strange Problem With NAT in UDP

Very Strange Problem With NAT in UDP

  • F

    Hello, today I've seen a big problem with NAT in PFSENSE 2.0.3. My pfsense had a complex configuration but I'm sure that problem will exist in any kind of PFSENSE in these release.

    The problem is about NAT and UDP traffic

    1 WAN IP 192.168.100.2
    1 LAN IP 192.168.22.1

    In NAT I put all traffic with ip destination 192.168.100.2 udp port 6000 –> redirect to 192.168.22.2, I put also in firewall rule a log

    If I try outside this rule. It works good. But I encountered one situation that it not works:

    If are inside (192.168.22.2) and outside (192.168.100.1)with a with a udp program:
    sent udp datagram from 192.168.22.2 udpsrc=6000 to 192.168.100.1 udpdst=3710
    and with less than 5 secons you send another udp datagram from 192.168.100.1 udpdst=3710 to 192.168.22.2 udpsrc=6000 then the second datagram is logged in firewall with pass but router doens't do the NAT(datagram is not leavin out from LAN nic) (I don't understand why??????)

    I tried a lot of things and I can explain that:

    If you did the same but the answer from 192.168.100.1 is from another udpsrc diferent that form I request before then the nat rule logs and works correctly.

    If you wait some time before answer (not answer in few seconds), then with the same datagram and ports it works.

    Thanks a lot

    0
Log in to reply
 

Products

Services

Support

News

Resources

Company

Our Mission

We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive for past announcements.

© 2020 Rubicon Communications, LLC | Privacy Policy