IP masquerading question

magsimoe

Hello,

We have a pfsense 2.0.1 that behaves a little strange…

With a web server on the internal network and a NAT port forward with applicable rule, all connections to the web server are reported to originate from the internal gateway IP (fex. REMOTE_ADDR in PHP is set to the internal gateway IP).

I can't really see what we've done wrong as it's pretty much a standard setup. What's worse, I don't know how to proceed in debugging.

Any suggestion would be greatly appreciated!

NAT
Interface              WAN
Protocol               TCP
Source                 Any
Source Ports           Any
Destination            WAN
Destination port range 80/80
Redirect IP            192.168.199.10
Redirect Port          80

RULE
Action                 Pass
Interface              WAN
Protocol               TCP
Source                 Any
Destination            Single/192.168.199.10
Destination port range 80/80

podilarius

Are you testing from within the LAN network? If so, then you might still have nat reflection off.
If you are testing from external network, try watching tcpdump on pfsense and on the web server to make sure that the traffic is what it should be. 
Have you changed the out bound nat settings?

magsimoe

I actually just Forrest Gumped it and got it working.

Dunno what the actual problem was, but i (yet again) removed all nats and rules and toggled the auto/manual creation on the outbound rule page.

Thanks for you time!