NAT reflection is not working.

  • Hi

    NAT reflection dose nothing for me just gives me a blank page. Everyting works perfect from outside. = internal webserver

    I have done everything I can think of, I read every post regarding this topic.
    I included pictures to show my settings.

    (Host Overrides is not an option for me, different ports goes to different servers.)

    Please help, going nuts. :)
  • i'm just guessing here …. i have not tried this,nor do i have any experience with nat reflection.


    have you tried setting your pfsense webgui to a port that is not 80 ?

  • LAYER 8 Global Moderator

    What snap are you on?

    I am running
    2.1-BETA0 (i386)
    built on Wed Dec 5 19:47:57 EST 2012
    FreeBSD 8.3-RELEASE-p5

    Now I don't normally use nat reflection, because to be honest I don't ever see a need for it.  One of those features that shouldn't even be allowed if you ask me ;)

    But I enabled it, same as your screen shot.  Created a nat on port 80 to my test linux box on, and then accessed my outside dyndns name that points to my public.  And works without issue.  And my pfsense gui is even running on port 80

    It should be just click and your done.  You are sure the fqdn your using to access is resolving to your current public IP that is on the wan IP of your pfsense.  If you behind a DOUBLE nat for example your going to have issues.

    As to "(Host Overrides is not an option for me, different ports goes to different servers.)"

    How is that?  That makes no sense to me at all.  What does it matter if you have different ports?

  • Problem solved after I updated to latest firmware. (mine was 6 days old)

    The sweet thing with NAT reflection is when you have mobile devies like smartphones or ipads you will access the network from outside and inside from the same device and then nat reflection is a must.
    Lets say you got like 5 different services port forwarded from one public IP to different servers(ip's) how can the mobile device know when its on the internal network and must use internal ip and port numbers, and when its on 3G access it must use one public address and another port number.

    Else Iam forced to use VPN and then only use internal IP's and port numbers, but VPN header over 3G and watching movies on my buissniess trips is not always that great. (I only use vpn/ipsec for my ipad to access my windows terminal servers)

