Migrating virtual IPs from 1.2 to 2.0



  • I am replacing an older Netgate m1n1wall running pfSense 1.2 with a Netgate FW-7535 1U running the latest build of pfSense 2.0. I have Comcast business service with 5 static IP addresses. The IP addresses were configured as Proxy ARP types and everything worked beautifully. I replicated the configuration on the new firewall and cannot get the virtual IPs to work. Packets arrive on the WAN interface, but don't get NATed to the proper internal IP. As far as I can tell, all my NAT (and auto-generated firewall) rules are identical with what they used to be. Outbound traffic is not affected.
    How can I diagnose this issue?



  • You'll have to power cycle your modem after changing equipment like that.



  • Thanks for the suggestion, but cycling the cable modem did not do anything. This turned out to be a firewall issue, and I still don't know with certainty what caused it. On the old (1.2) firewall, I had a block rule on the WAN port for all traffic on top of the list. When I replicated this, I think it behaved the way it is supposed to, i.e. it blocked everything on the WAN port.
    It does not appear that this rule behaved as expected on pfSense 1.2.

