Bit of a strange one… Internal PC needs to access server for updates

  • Hi guys,

    I have had success here before, so here goes:

    I have a setup where I have about 50 machines behind my pfsense firewall. One of these machines hosts an update site that listens on port XYZ. External clients update fine through teh port forwards I have done. Unfortunately the software cannot be changed to allow multiple update check addresses, so teh other PC's internally need to check for their updates in teh format ip.address:PortXZY . External clients use the same update path and are fine, but internally, the requests for an update check never reach the server (I have confirmed using "wireshark").

    Any ideas what I would need to do to allow a request to go out through pfsense, and back in again and be allowed through to the server to check for updates?

    Any clarification needed, just ask :)


  • Nat Reflection

    system_advanced_firewall.php  Go down to "Disable NAT Reflection for port forwards" and uncheck.    You can also find it on individual port forwards.  Set each one as needed.

  • That is awesome!!! I adjusted it within the specific port forward and it is now working.

    Thanks very much for such quick and CORRECT advise :)