4. Automatic outbound NAT vs Manual outbound NAT

Automatic outbound NAT vs Manual outbound NAT

  • M

    HI All,

    For VoIP, I had to use  Manual Outbound NAT rule generation.Phones are working OK without any problem.

    But my regular NAT port forwarding entries not working.

    If I use Automatic outbound NAT rule generation, my NAT port forwarding are working but VOIP traffic is not working properly.

    Any Ideas to make port forwarding work as well as the Manual Outbound NAT rule generation ?

    Thanks in Advance

    0

  • Please post your setup and your rules.

    0
  • C

    Outbound NAT generally has no relation to port forwarding. The only scenario that could potentially is if you wrongly have a gateway specified on an internal interface's config, and the hosts on that network aren't using pfSense as their default gateway. In that case, automatic will source NAT the port forwarded traffic, which is generally undesirable.

    0
  • M

    Thank you for your replies.
    Well, I am posting my rule in case, you may need  to take a look and have an idea.
    Thanks in Advance

    ps. Just to remind the problem which was on prior post, when I run Manual Outbound NAT , host 10.0.3.10 is not being forwarded properly. However when I run Automatic Outbound NAT, host being forwarded well but VoIP traffic is not acting well.(Having drop calls). So I am trying to figure out the way of stability of both having port forwarding and manual outbound NAT working.

    Rules in PORT FORWARD
    Interface Protocol   Source Address Source Ports  Destination Address   Destination Ports      NAT IP            NAT Ports
    WAN         TCP            *                         *                *                          10000                   10.0.3.10         10000

    Rules on Manual Outbound NAT rule generation
    Interface   Source                Source Port         Destination   Destination Port  NAT Address   NAT Port   Static Port     Description
    WAN         10.10.3.0/25            *                       *                500                     *                *               YES        Auto created rule for ISAKMP - LAN2 to WAN

    Interface   Source                Source Port         Destination   Destination Port  NAT Address   NAT Port   Static Port     Description
    WAN         10.10.3.0/25            *                       *                *                       *                 *                NO         Auto created rule for LAN2 to WAN

    Interface   Source                Source Port         Destination   Destination Port  NAT Address   NAT Port   Static Port     Description
    WAN         10.10.3.0/25            *                       *                *                       *              1024:65535    NO         Auto created rule for localhost to WAN

    0
  • Rebel Alliance Developer Netgate

    Destination address on the port forward should be an IP (or "WAN Address"), not 'any'.

    0
Log in to reply
 

Products

Applications

Support

Services

News

Resources

Company

Our Mission

As host of the pfSense open source firewall project, Netgate believes in enhancing network connectivity that maintains both security and privacy. We also believe everyone should be able to afford it.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive for past announcements.

© Copyright 2002 - 2019 Rubicon Communications, LLC | Privacy Policy