Bit of a strange one… Internal PC needs to access server for updates

bwstu

Hi guys,

I have had success here before, so here goes:

I have a setup where I have about 50 machines behind my pfsense firewall. One of these machines hosts an update site that listens on port XYZ. External clients update fine through teh port forwards I have done. Unfortunately the software cannot be changed to allow multiple update check addresses, so teh other PC's internally need to check for their updates in teh format ip.address:PortXZY . External clients use the same update path and are fine, but internally, the requests for an update check never reach the server (I have confirmed using "wireshark").

Any ideas what I would need to do to allow a request to go out through pfsense, and back in again and be allowed through to the server to check for updates?

Any clarification needed, just ask :)

Thanks!
Stu

chpalmer

Nat Reflection

system_advanced_firewall.php  Go down to "Disable NAT Reflection for port forwards" and uncheck.    You can also find it on individual port forwards.  Set each one as needed.

bwstu

That is awesome!!! I adjusted it within the specific port forward and it is now working.

Thanks very much for such quick and CORRECT advise :)

Stu