Reverse NAT problem with incoming load balancing

  • Hello,

    I have a pfsense 2.0.1 installation configured with incoming load balancing on some services.
    (The firewall rules for these services are "allow from any to any on destination port X")

    This pfsense has also 2 others internals subnets.

    I want to access my load balanced services from LAN and theses subnets.
    All computers are configured to connect to the WAN IP address for these services

    This was working well until I rebooted the pfsense machine…

    Now I can only access some services and not others.

    Services that doesn't work are redirected to the pfsense ip address.
    And it seems to me that only services with SSL/TLS have this problem.

    Examples (all have load balancing activated) :

    [WAN-IP-ADDRESS]:80 => Ok
    [WAN-IP-ADDRESS]:443 => I see the pfsense webpage "Potential DNS Rebind attack detected"
    [WAN-IP-ADDRESS]:25 => OK
    [WAN-IP-ADDRESS]:465 => Connexion timeout
    [WAN-IP-ADDRESS]:110 => OK
    [WAN-IP-ADDRESS]:995 => Connexion timeout
    [WAN-IP-ADDRESS]:143 => OK
    [WAN-IP-ADDRESS]:993 => Connexion timeout

    Do someone knows why this is happening and how I can make this work again ?

    Thanks you for your help

  • Start changing pfsense GUI from 443 to another port.

Log in to reply