Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    IP masquerading question

    NAT
    2
    3
    1.8k
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • M
      magsimoe
      last edited by

      Hello,

      We have a pfsense 2.0.1 that behaves a little strange…

      With a web server on the internal network and a NAT port forward with applicable rule, all connections to the web server are reported to originate from the internal gateway IP (fex. REMOTE_ADDR in PHP is set to the internal gateway IP).

      I can't really see what we've done wrong as it's pretty much a standard setup. What's worse, I don't know how to proceed in debugging.

      Any suggestion would be greatly appreciated!

      NAT
      Interface              WAN
      Protocol               TCP
      Source                 Any
      Source Ports           Any
      Destination            WAN
      Destination port range 80/80
      Redirect IP            192.168.199.10
      Redirect Port          80

      RULE
      Action                 Pass
      Interface              WAN
      Protocol               TCP
      Source                 Any
      Destination            Single/192.168.199.10
      Destination port range 80/80

      1 Reply Last reply Reply Quote 0
      • P
        podilarius
        last edited by

        Are you testing from within the LAN network? If so, then you might still have nat reflection off.
        If you are testing from external network, try watching tcpdump on pfsense and on the web server to make sure that the traffic is what it should be. 
        Have you changed the out bound nat settings?

        1 Reply Last reply Reply Quote 0
        • M
          magsimoe
          last edited by

          I actually just Forrest Gumped it and got it working.

          Dunno what the actual problem was, but i (yet again) removed all nats and rules and toggled the auto/manual creation on the outbound rule page.

          Thanks for you time!

          1 Reply Last reply Reply Quote 0
          • First post
            Last post
          Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.