Single WAN simple NAT problem

maxxer

Hi.
I've a very simple setup using 2.1 beta1 20130115.
I configured a single host with PF as default gateway and works great. The problem are from out to in.
I added a NAT port fw from WAN, dest addr WAN, dest port 32122, nat ip the host with pf as gateway, target port 22, source any.
if I try to ssh to 32122 from outside to the WAN address, I get timeout. I tried debugging with packet capture and the reply DOES seem to go back to the caller IP, but the ssh connection never gets established anyway!

I checked the port forwarding troubleshooting but everything looks fine to me.

what else can I check?

this is the packet capture log:

15:33:07.507212 IP 62.167.X.Y.57474 > PFSENSE_WAN.32122: tcp 0
15:33:07.507473 IP PFSENSE_WAN.32122 > 62.167.X.Y.57474: tcp 0
15:33:08.518473 IP PFSENSE_WAN.32122 > 62.167.X.Y.57474: tcp 0
15:33:10.501582 IP 62.167.X.Y.57474 > PFSENSE_WAN.32122: tcp 0
15:33:10.501778 IP PFSENSE_WAN.32122 > 62.167.X.Y.57474: tcp 0
15:33:10.518444 IP PFSENSE_WAN.32122 > 62.167.X.Y.57474: tcp 0
15:33:14.518462 IP PFSENSE_WAN.32122 > 62.167.X.Y.57474: tcp 0
15:33:16.512903 IP 62.167.X.Y.57474 > PFSENSE_WAN.32122: tcp 0
15:33:16.513066 IP PFSENSE_WAN.32122 > 62.167.X.Y.57474: tcp 0
15:33:22.518485 IP PFSENSE_WAN.32122 > 62.167.X.Y.57474: tcp 0

maxxer

if I do the same on another host on the lan it works.

the only difference is that the not working one is the KVM host where pfSense runs as guest.