Automatic outbound NAT vs Manual outbound NAT
-
HI All,
For VoIP, I had to use Manual Outbound NAT rule generation.Phones are working OK without any problem.
But my regular NAT port forwarding entries not working.
If I use Automatic outbound NAT rule generation, my NAT port forwarding are working but VOIP traffic is not working properly.
Any Ideas to make port forwarding work as well as the Manual Outbound NAT rule generation ?
Thanks in Advance
-
Please post your setup and your rules.
-
Outbound NAT generally has no relation to port forwarding. The only scenario that could potentially is if you wrongly have a gateway specified on an internal interface's config, and the hosts on that network aren't using pfSense as their default gateway. In that case, automatic will source NAT the port forwarded traffic, which is generally undesirable.
-
Thank you for your replies.
Well, I am posting my rule in case, you may need to take a look and have an idea.
Thanks in Advanceps. Just to remind the problem which was on prior post, when I run Manual Outbound NAT , host 10.0.3.10 is not being forwarded properly. However when I run Automatic Outbound NAT, host being forwarded well but VoIP traffic is not acting well.(Having drop calls). So I am trying to figure out the way of stability of both having port forwarding and manual outbound NAT working.
Rules in PORT FORWARD
Interface Protocol Source Address Source Ports Destination Address Destination Ports NAT IP NAT Ports
WAN TCP * * * 10000 10.0.3.10 10000Rules on Manual Outbound NAT rule generation
Interface Source Source Port Destination Destination Port NAT Address NAT Port Static Port Description
WAN 10.10.3.0/25 * * 500 * * YES Auto created rule for ISAKMP - LAN2 to WANInterface Source Source Port Destination Destination Port NAT Address NAT Port Static Port Description
WAN 10.10.3.0/25 * * * * * NO Auto created rule for LAN2 to WANInterface Source Source Port Destination Destination Port NAT Address NAT Port Static Port Description
WAN 10.10.3.0/25 * * * * 1024:65535 NO Auto created rule for localhost to WAN -
Destination address on the port forward should be an IP (or "WAN Address"), not 'any'.