    Netgate Discussion Forum
    LAN side internal load-balance. Help!

    NAT
      romp last edited by

      I have a problem that seems like it should be easy to do, but pfSense hates me.

      I have several SMTP servers.  I would like to be able to load balance them when one of our LAN servers sends emails.  I do not need nor want it accessible from the WAN.

      For example,

      LAN interface:  172.24.0.1/16
        Load Balance IP: 172.24.200.254
        Pool IPs: 172.24.200.1-4

      Yes, they are all in the same subnet.

      If I telnet (port 25) directly to the SMTP servers (e.g. 172.24.200.1) I can connect fine.  If I try the same with 172.24.200.254, nada.

      I have seen information saying that I need to do NAT Reflection or something, but I can't figure out where, how, or what to add.

      Please help.

        marcelloc last edited by

        romp,

        pfSense does not hate you, it's just doing what you configured :)

        See what is happening:
        workstation 172.24.150.20 asks 172.24.200.254 for an SMTP connection
        172.24.200.254 forwards this request to the 172.24.200.1 pool member
        172.24.200.1 accepts the request and answers OK to 172.24.150.20.
        172.24.150.20 rejects the message as it asked 172.24.200.254 for a connection.

        Forcing the source IP to 172.24.200.254 while talking to 172.24.200.1-4 using an outbound NAT rule will fix this communication issue.
        You may need to change outbound NAT to manual before applying the rule.

        att,
        Marcello Coutinho
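
The packet flow described in the reply above, modeled as an added example (not part of the original thread and not pfSense code). The addresses come from the thread; the client source port 40000, the round-robin member choice and all class and function names are constructed for illustration, and a real NAT may also rewrite the source port.

```python
# Added illustration (not from the thread): why the reply is rejected without source NAT.
# Addresses are from the thread; port 40000 and every name below are constructed.
from collections import namedtuple

Packet = namedtuple("Packet", "src sport dst dport")
CLIENT, VIP = "172.24.150.20", "172.24.200.254"
POOL = ["172.24.200.1", "172.24.200.2", "172.24.200.3", "172.24.200.4"]

class Firewall:
    """Redirects VIP:25 to a pool member; optionally rewrites the source as well."""
    def __init__(self, source_nat):
        self.source_nat = source_nat
        self.states = {}      # translated flow -> original client packet
        self.next_member = 0

    def forward(self, pkt):
        member = POOL[self.next_member % len(POOL)]
        self.next_member += 1
        src = VIP if self.source_nat else pkt.src   # the outbound NAT rule
        out = Packet(src, pkt.sport, member, pkt.dport)
        self.states[(out.dst, out.dport, out.src, out.sport)] = pkt
        return out

    def reverse(self, reply):
        # Undo both translations for a reply that passes back through the firewall.
        orig = self.states[(reply.src, reply.sport, reply.dst, reply.dport)]
        return Packet(orig.dst, orig.dport, orig.src, orig.sport)

def server_reply(pkt):
    # The pool member answers whatever source address it saw.
    return Packet(pkt.dst, pkt.dport, pkt.src, pkt.sport)

def client_accepts(syn, reply):
    # A TCP client only accepts a reply whose 4-tuple mirrors its own SYN.
    return reply == Packet(syn.dst, syn.dport, syn.src, syn.sport)

def connect(source_nat):
    fw = Firewall(source_nat)
    syn = Packet(CLIENT, 40000, VIP, 25)
    reply = server_reply(fw.forward(syn))
    if reply.dst == VIP:      # addressed to the firewall, so it can translate back
        reply = fw.reverse(reply)
    # Otherwise the same-subnet reply goes straight to the client, untranslated.
    return reply, client_accepts(syn, reply)

if __name__ == "__main__":
    for snat in (False, True):
        print("source NAT:", snat, "->", connect(snat))
```
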
