[resolved] Routing problem
-
Hello,
I use pfSense 1.2b1 in a datacenter for colocation. I have 62 public IPs from xxx.xxx.xxx.128 to 191, the colocation gateway is xxx.xxx.xxx.129, subnet mask 255.255.255.192.
I have 4 NICs, my pfSense IP is xxx.xxx.xxx.130
WAN (xxx.xxx.xxx.130/26, Gateway : xxx.xxx.xxx.129)
|
LAN (192.168.2.1/24)
|
OPT1 (bridged with WAN)
|
OPT2 (LAN2, 192.168.1.1/24)

I want to use 8 public IPs from my 64 IPs to do NAT on LAN2.
So I created 8 VIPs (xxx.xxx.xxx.176-184) and created 1:1 NAT to my LAN2.
In the firewall rules I created some rules like:
Protocol :TCP/UDP Source :* Destination: xxx.xxx.xxx.176
I also tried
Protocol :TCP/UDP Source :* Destination: 192.168.1.1

But it is impossible to reach my servers.
Any ideas?

Thanks
-
Destination needs to be the private IP (NAT happens first, then rules). Rules need to be on your WAN interface.
Can the machines get out to the Internet?
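
The ordering described in this reply (1:1 NAT rewrites the destination first, then the rules on the WAN interface are evaluated), shown as an added example that is not part of the original thread. It is a small Python model, not pfSense code; the 203.0.113.x and 198.51.100.x addresses stand in for the masked public IPs and 192.168.1.10 is a hypothetical LAN2 server.

```python
import ipaddress
from dataclasses import dataclass

# Constructed sample data: documentation ranges replace the masked xxx.xxx.xxx.x
# addresses; 192.168.1.10 is an assumed server address on LAN2.
BINAT = {"203.0.113.176": "192.168.1.10"}   # 1:1 NAT: public VIP -> LAN2 host

@dataclass
class Rule:
    iface: str   # interface tab the rule lives on
    proto: str   # "tcp", "udp", "icmp" or "any"
    dst: str     # destination network in CIDR form
    label: str

@dataclass
class Packet:
    iface: str   # interface the packet arrives on
    proto: str
    src: str
    dst: str

def translate(pkt):
    """Step 1: inbound 1:1 NAT rewrites the destination before any filtering."""
    return Packet(pkt.iface, pkt.proto, pkt.src, BINAT.get(pkt.dst, pkt.dst))

def filter_inbound(pkt, rules):
    """Step 2: first matching pass rule on the ingress interface wins; default deny."""
    for r in rules:
        if (r.iface == pkt.iface and r.proto in ("any", pkt.proto)
                and ipaddress.ip_address(pkt.dst) in ipaddress.ip_network(r.dst)):
            return r.label
    return None

def verdict(pkt, rules):
    return filter_inbound(translate(pkt), rules)

# A ping from an outside host to the public VIP, arriving on WAN.
PING = Packet("WAN", "icmp", "198.51.100.7", "203.0.113.176")

RULE_ON_VIP = [Rule("WAN", "any", "203.0.113.176/32", "pass to public VIP")]
RULE_ON_OPT2 = [Rule("OPT2", "any", "192.168.1.10/32", "pass on LAN2 tab")]
RULE_ON_WAN_PRIVATE = [Rule("WAN", "icmp", "192.168.1.10/32", "pass to private IP")]

if __name__ == "__main__":
    for name, rules in [("dst = VIP, on WAN", RULE_ON_VIP),
                        ("dst = private, on OPT2", RULE_ON_OPT2),
                        ("dst = private, on WAN", RULE_ON_WAN_PRIVATE)]:
        print(f"{name:24} -> {verdict(PING, rules) or 'blocked (default deny)'}")
```

Only the third rule set passes the packet: by the time filtering runs, the destination is already the private address, and the packet is checked against the rules of the interface it arrived on.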
-
Yes, machines can get out, I can ping outside or browse the Internet, but I cannot ping from outside to inside.
I tried this rule on the WAN:
Protocol :ICMP Source :* Destination: 192.168.1.1 Name: Ping, Log when match
and
Protocol :TCP/UDP Source :* Destination: 192.168.1.1 Name : All

On the OPT1 I also added this rule:
Protocol :ICMP Source :192.168.1.1 Destination: *
In the log the rule for ping appears:
Source : outside IP destination 192.168.1.1
but on the outside box, I don't have any reply to the ping.

Perhaps there is a problem with the routing, because when I bridge OPT1 with WAN the IP address set is xxx.xxx.xxx.128/26 and the VIP xxx.xxx.xxx.176 is in this network range?
-
Everything works fine, it was a problem with my switch & vlan.