Netgate Discussion Forum

    1:1 NAT

    rahvee

      Generally speaking, I'm pretty good with VPNs and NAT and all the networking stuff. But for some reason I'm having trouble with this.

      Oversimplified description:
      I have a pfsense device whose sole function is to do NAT between a 10.x.x.x/24 network and a 192.168.x.x/24 network. I connected the WAN side to 10.x.x.x/24, and the LAN is 192.168.x.x/24. Ideally, I would like a range of IPs to be 1:1 NAT'd in both directions, and all traffic passed. But since that was proving more difficult than expected, I'm aiming low now, just trying to get SOMEthing to work.

      I went into NAT.  No port forwarding.  No 1:1.  Outbound automatic.
      I went into Interfaces / WAN.  Clear the checkboxes for blocking private and bogon networks.
      I went into Firewall Rules.  The WAN and LAN interfaces each have one rule:  permit everything.

      By using packet capture on pfsense I monitor traffic while I do this:
      Using a 192.168.x.x client, I set static route to the 10.x.x.x network via the pfsense box.  I ping a 10.x.x.x client.
      In the packet capture, I see the ICMP Echo Request come in the LAN interface.  I see the Echo Request go out the WAN interface, successfully NAT'd to the 10.x.x.x IP address of pfsense.  I see the Echo Reply come back.  But the Echo Reply does not go to the 192.168.x.x network.  It seems pfsense NAT is forgetting about the connection, or firewall blocking.

      I go to System Logs / Firewall.  (Clear the log, repeat the above tests).  Nothing new appearing in the log.

    rahvee

        Not sure what changed.  I just ran through the Setup Wizard, entering all the same stuff that was already there.  And then it started working.  Maybe it just needed a reboot?

        Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.