NAT with TWO WAN interfaces [SOLVED]



  • Hello pfSense Forum

    I have what I thought would be a fairly straightforward setup, but trying to use NAT on two interfaces is giving me some headache.

    The basics of my config

    LAN INT: 172.16.0.1
    WAN: 173.11.311.311 (obfuscated to no workie)
    OPT1: 173.228.411.411 (same)

    I have NAT mapping working BEAUTIFULLY on my default WAN (WAN) interface. If I attempt to set up port forwards for NAT by-way-of OPT1, I can see SYN_RCVD connections from outside host, but the route back seems to get lost, thinking that it is something to do with the default route being on the WAN.

    If I packet cap on each interface, this is what I see:

    On WAN
    IP 173.228.441.441.80 > 166.137.209.174.15903: tcp 0 (The 173.228 addr is the addr of the OPT1 interface!!!)

    On OPT1
    IP 166.137.209.164.28647 > 173.228.411.411.80: tcp 0 (This is the inbound to NAT traversal)

    On LAN
    IP 10.48.70.10.80 > 166.137.209.156.56322: tcp 0 (10.48.XX.XX is my internal dest host that currently shows the SYN_RCVD)

    I would be happy to provide more info, just wasn't sure where to stop and where to begin.

    Thanks for any thoughts in advance!

    -C



  • Problem solved:

    OPT1 was missing gateway declaration in OPT1 Interface settings.

    Once I defined the next hop router (towards cloud) as the gateway, NAT worked.

    doh. ;D
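
The symptom from the first post, a packet sourced from the OPT1 address appearing in the WAN capture, can be checked mechanically across per-interface captures. This is an added example, not part of the original posts; the interface addresses and capture lines are constructed from documentation ranges, and `find_asymmetric_replies` is a hypothetical helper name.

```python
import re

# Matches the tcpdump-style lines quoted in the thread: "IP a.b.c.d.port > e.f.g.h.port: ..."
LINE = re.compile(r"IP (\d+(?:\.\d+){3})\.(\d+) > (\d+(?:\.\d+){3})\.(\d+):")

# Constructed interface addresses (documentation ranges), not the poster's.
IFACE_ADDRS = {"WAN": "192.0.2.10", "OPT1": "198.51.100.20"}

# Constructed capture lines, keyed by the interface they were captured on.
CAPTURES = {
    "OPT1": ["IP 203.0.113.50.15903 > 198.51.100.20.80: tcp 0"],
    "WAN": [
        "IP 198.51.100.20.80 > 203.0.113.50.15903: tcp 0",  # reply to the OPT1 flow
        "IP 203.0.113.77.40000 > 192.0.2.10.443: tcp 0",
        "IP 192.0.2.10.443 > 203.0.113.77.40000: tcp 0",    # symmetric flow
    ],
}

def parse(line):
    """Return (src, sport, dst, dport), or None if the line does not match."""
    m = LINE.search(line)
    if not m:
        return None
    src, sport, dst, dport = m.groups()
    return src, int(sport), dst, int(dport)

def find_asymmetric_replies(iface_addrs, captures):
    """Flag packets whose source is one interface's address but which were
    captured leaving a different interface."""
    owner = {addr: name for name, addr in iface_addrs.items()}
    # Requests that arrived on the interface owning their destination address.
    inbound = {pkt for iface, lines in captures.items()
               for pkt in filter(None, map(parse, lines))
               if owner.get(pkt[2]) == iface}
    findings = []
    for iface, lines in captures.items():
        for src, sport, dst, dport in filter(None, map(parse, lines)):
            src_owner = owner.get(src)
            if src_owner and src_owner != iface:
                findings.append({
                    "seen_on": iface, "belongs_to": src_owner,
                    "reply": f"{src}:{sport} -> {dst}:{dport}",
                    # True when the matching request was captured on the owning interface.
                    "request_seen": (dst, dport, src, sport) in inbound,
                })
    return findings

if __name__ == "__main__":
    for finding in find_asymmetric_replies(IFACE_ADDRS, CAPTURES):
        print(finding)
```

A finding with `request_seen` set to true means the request came in on one WAN and its reply followed the default route out the other, which is the condition the missing OPT1 gateway produced here.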

