Navigation

    Netgate Discussion Forum
    • Register
    • Login
    • Search
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search

    Automatic outbound NAT vs Manual outbound NAT

    NAT
    4
    5
    6047
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • M
      Malesefx last edited by

      HI All,

      For VoIP, I had to use  Manual Outbound NAT rule generation.Phones are working OK without any problem.

      But my regular NAT port forwarding entries not working.

      If I use Automatic outbound NAT rule generation, my NAT port forwarding are working but VOIP traffic is not working properly.

      Any Ideas to make port forwarding work as well as the Manual Outbound NAT rule generation ?

      Thanks in Advance

      1 Reply Last reply Reply Quote 0
      • GruensFroeschli
        GruensFroeschli last edited by

        Please post your setup and your rules.

        We do what we must, because we can.

        Asking questions the smart way: http://www.catb.org/esr/faqs/smart-questions.html

        1 Reply Last reply Reply Quote 0
        • C
          cmb last edited by

          Outbound NAT generally has no relation to port forwarding. The only scenario that could potentially is if you wrongly have a gateway specified on an internal interface's config, and the hosts on that network aren't using pfSense as their default gateway. In that case, automatic will source NAT the port forwarded traffic, which is generally undesirable.

          1 Reply Last reply Reply Quote 0
          • M
            Malesefx last edited by

            Thank you for your replies.
            Well, I am posting my rule in case, you may need  to take a look and have an idea.
            Thanks in Advance

            ps. Just to remind the problem which was on prior post, when I run Manual Outbound NAT , host 10.0.3.10 is not being forwarded properly. However when I run Automatic Outbound NAT, host being forwarded well but VoIP traffic is not acting well.(Having drop calls). So I am trying to figure out the way of stability of both having port forwarding and manual outbound NAT working.

            Rules in PORT FORWARD
            Interface Protocol   Source Address Source Ports  Destination Address   Destination Ports      NAT IP            NAT Ports
            WAN         TCP            *                         *                *                          10000                   10.0.3.10         10000

            Rules on Manual Outbound NAT rule generation
            Interface   Source                Source Port         Destination   Destination Port  NAT Address   NAT Port   Static Port     Description
            WAN         10.10.3.0/25            *                       *                500                     *                *               YES        Auto created rule for ISAKMP - LAN2 to WAN

            Interface   Source                Source Port         Destination   Destination Port  NAT Address   NAT Port   Static Port     Description
            WAN         10.10.3.0/25            *                       *                *                       *                 *                NO         Auto created rule for LAN2 to WAN

            Interface   Source                Source Port         Destination   Destination Port  NAT Address   NAT Port   Static Port     Description
            WAN         10.10.3.0/25            *                       *                *                       *              1024:65535    NO         Auto created rule for localhost to WAN

            1 Reply Last reply Reply Quote 0
            • jimp
              jimp Rebel Alliance Developer Netgate last edited by

              Destination address on the port forward should be an IP (or "WAN Address"), not 'any'.

              Remember: Upvote with the 👍 button for any user/post you find to be helpful, informative, or deserving of recognition!

              Need help fast? Netgate Global Support!

              Do not Chat/PM for help!

              1 Reply Last reply Reply Quote 0
              • First post
                Last post

              Products

              • Platform Overview
              • TNSR
              • pfSense
              • Appliances

              Services

              • Training
              • Professional Services

              Support

              • Subscription Plans
              • Contact Support
              • Product Lifecycle
              • Documentation

              News

              • Media Coverage
              • Press
              • Events

              Resources

              • Blog
              • FAQ
              • Find a Partner
              • Resource Library
              • Security Information

              Company

              • About Us
              • Careers
              • Partners
              • Contact Us
              • Legal
              Our Mission

              We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

              Subscribe to our Newsletter

              Product information, software announcements, and special offers. See our newsletter archive to sign up for future newsletters and to read past announcements.

              © 2021 Rubicon Communications, LLC | Privacy Policy