4. Very Strange Problem With NAT in UDP

Very Strange Problem With NAT in UDP

  • F

    Hello, today I've seen a big problem with NAT in PFSENSE 2.0.3. My pfsense had a complex configuration but I'm sure that problem will exist in any kind of PFSENSE in these release.

    The problem is about NAT and UDP traffic

    1 WAN IP 192.168.100.2
    1 LAN IP 192.168.22.1

    In NAT I put all traffic with ip destination 192.168.100.2 udp port 6000 –> redirect to 192.168.22.2, I put also in firewall rule a log

    If I try outside this rule. It works good. But I encountered one situation that it not works:

    If are inside (192.168.22.2) and outside (192.168.100.1)with a with a udp program:
    sent udp datagram from 192.168.22.2 udpsrc=6000 to 192.168.100.1 udpdst=3710
    and with less than 5 secons you send another udp datagram from 192.168.100.1 udpdst=3710 to 192.168.22.2 udpsrc=6000 then the second datagram is logged in firewall with pass but router doens't do the NAT(datagram is not leavin out from LAN nic) (I don't understand why??????)

    I tried a lot of things and I can explain that:

    If you did the same but the answer from 192.168.100.1 is from another udpsrc diferent that form I request before then the nat rule logs and works correctly.

    If you wait some time before answer (not answer in few seconds), then with the same datagram and ports it works.

    Thanks a lot

    0
Log in to reply
 

Products

Applications

Support

Services

News

Resources

Company

Our Mission

As host of the pfSense open source firewall project, Netgate believes in enhancing network connectivity that maintains both security and privacy. We also believe everyone should be able to afford it.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive for past announcements.

© Copyright 2002 - 2019 Rubicon Communications, LLC | Privacy Policy