IP masquerading question



  • Hello,

    We have a pfSense 2.0.1 that behaves a little strangely…

    With a web server on the internal network and a NAT port forward with applicable rule, all connections to the web server are reported to originate from the internal gateway IP (e.g. REMOTE_ADDR in PHP is set to the internal gateway IP).

    I can't really see what we've done wrong as it's pretty much a standard setup. What's worse, I don't know how to proceed in debugging.

    Any suggestion would be greatly appreciated!

    NAT
    Interface              WAN
    Protocol               TCP
    Source                 Any
    Source Ports           Any
    Destination            WAN
    Destination port range 80/80
    Redirect IP            192.168.199.10
    Redirect Port          80

    RULE
    Action                 Pass
    Interface              WAN
    Protocol               TCP
    Source                 Any
    Destination            Single/192.168.199.10
    Destination port range 80/80



  • Are you testing from within the LAN network? If so, then you might still have NAT reflection off.
    If you are testing from an external network, try watching tcpdump on pfSense and on the web server to make sure that the traffic is what it should be.
    Have you changed the outbound NAT settings?



  • I actually just Forrest Gumped it and got it working.

    Dunno what the actual problem was, but I (yet again) removed all NATs and rules and toggled the auto/manual creation on the outbound rule page.

    Thanks for your time!
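
The tcpdump comparison suggested above (capture on the pfSense WAN interface and on the web server, then check whether the client address survives the port forward), as an added example that is not part of the thread. The capture lines are constructed; only 192.168.199.10 and port 80 come from the thread, while the gateway address 192.168.199.1, the WAN address 198.51.100.2 and the client addresses are assumptions.

```python
import re

# Initial SYNs in `tcpdump -n` text output: "IP src.sport > dst.dport: Flags [S]"
# (captures taken with e.g. `tcpdump -n -i <iface> 'tcp port 80'`).
SYN_RE = re.compile(
    r"IP (\d+\.\d+\.\d+\.\d+)\.\d+ > \d+\.\d+\.\d+\.\d+\.(\d+): Flags \[S\]"
)

def syn_sources(capture, port):
    """Source addresses that opened a connection to `port`."""
    return {src for src, dport in SYN_RE.findall(capture) if int(dport) == port}

def rewritten_sources(wan_capture, server_capture, port=80):
    """Addresses the server sees in place of the real clients.

    If clients seen on the WAN side never reach the server under their
    own address, whatever the server sees instead is the address the
    firewall masquerades them behind (source NAT on the LAN side).
    """
    wan = syn_sources(wan_capture, port)
    srv = syn_sources(server_capture, port)
    missing = wan - srv
    return (srv - wan) if missing else set()

# Constructed sample captures (assumed addresses, see lead-in).
WAN = """\
12:00:01.000001 IP 203.0.113.7.51234 > 198.51.100.2.80: Flags [S], seq 1000, win 65535, length 0
12:00:01.000090 IP 198.51.100.2.80 > 203.0.113.7.51234: Flags [S.], seq 2000, ack 1001, win 65535, length 0
12:00:02.000001 IP 203.0.113.99.40000 > 198.51.100.2.80: Flags [S], seq 3000, win 65535, length 0
"""
SERVER_MASQUERADED = """\
12:00:01.000050 IP 192.168.199.1.51234 > 192.168.199.10.80: Flags [S], seq 1000, win 65535, length 0
12:00:02.000050 IP 192.168.199.1.40000 > 192.168.199.10.80: Flags [S], seq 3000, win 65535, length 0
"""
SERVER_PRESERVED = """\
12:00:01.000050 IP 203.0.113.7.51234 > 192.168.199.10.80: Flags [S], seq 1000, win 65535, length 0
12:00:02.000050 IP 203.0.113.99.40000 > 192.168.199.10.80: Flags [S], seq 3000, win 65535, length 0
"""

if __name__ == "__main__":
    print("masqueraded behind:", rewritten_sources(WAN, SERVER_MASQUERADED))
    print("after fix:", rewritten_sources(WAN, SERVER_PRESERVED))
```

A non-empty result on a test made from an external network points at the outbound NAT rules rather than at the port forward itself.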

