Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    I can't get routing working correctly

    Scheduled Pinned Locked Moved Problems Installing or Upgrading pfSense Software
    2 Posts 2 Posters 1.1k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • P
      prosenba
      last edited by

      I created my virtual IP and than created the NAT rules and I can't see the websites now from wan. Any Help would be appreciated. Maybe I should of created the virtual IP's and than created firewall rules instead of NAT? :(

      Virtual IPsCARP Settings
      Virtual IP address Interface Type Description
      edit
      63.226.242.186/29 WAN ip alias Public IP #2
      edit delete
      63.226.242.187/29 WAN ip alias Public IP #3
      edit delete
      63.226.242.188/29 WAN ip alias Public IP #4
      edit delete
      63.226.242.189/29 WAN ip alias Public IP #5
      edit delete
      edit
      Note:
      The virtual IP addresses defined on this page may be used in NAT mappings.
      You can check the status of your CARP Virtual IPs and interfaces here.

      And here are the rules
      ID Proto Source Port Destination Port Gateway Queue Schedule Description
      delete selected rules add
      icon   IPv4 TCP/UDP * 53 (DNS) 192.168.1.15 53 (DNS) * none   NAT sbs2008 DNS
      move selected rules before this rule edit
      delete add
      icon   IPv4 TCP/UDP 63.226.242.185 143 (IMAP) 192.168.1.15 143 (IMAP) * none   NAT SBS 2008 IMAP
      move selected rules before this rule edit
      delete add
      icon   IPv4 TCP/UDP 63.226.242.185 119 (NNTP) 192.168.1.15 119 (NNTP) * none   NAT SBS 2008 NNTP
      move selected rules before this rule edit
      delete add
      icon   IPv4 TCP/UDP 63.226.242.185 25 (SMTP) 192.168.1.15 25 (SMTP) * none   NAT SBS2008 SMTP
      move selected rules before this rule edit
      delete add
      icon   IPv4 TCP/UDP 63.226.242.185 110 (POP3) 192.168.1.15 110 (POP3) * none   NAT SBS 2008 POP3
      move selected rules before this rule edit
      delete add
      icon   IPv4 TCP/UDP 63.226.242.185 80 (HTTP) 192.168.1.15 80 (HTTP) * none   NAT SBS 2008 HTTP
      move selected rules before this rule edit
      delete add
      icon   IPv4 TCP/UDP 63.226.242.185 443 (HTTPS) 192.168.1.15 443 (HTTPS) * none   NAT SBS2008 HTTPS
      move selected rules before this rule edit
      delete add
      icon   IPv4 TCP/UDP 63.226.242.185 995 (POP3/S) 192.168.1.15 995 (POP3/S) * none   NAT SBS 2008 Exchange
      move selected rules before this rule edit
      delete add
      icon   IPv4 TCP/UDP 63.226.242.185 587 (SUBMISSION) 192.168.1.15 995 (POP3/S) * none   NAT SBS 2008 POP3 587
      move selected rules before this rule edit
      delete add
      icon   IPv4 TCP/UDP 63.226.242.185 123 (NTP) 192.168.1.15 123 (NTP) * none   NAT SBS 2008 Time Server
      move selected rules before this rule edit
      delete add
      icon   IPv4 TCP/UDP 63.226.242.185 1723 (PPTP) 192.168.1.15 1723 (PPTP) * none   NAT SBS 2008 PPTP
      move selected rules before this rule edit
      delete add
      icon   IPv4 TCP/UDP 63.226.242.185 987 192.168.1.15 987 * none   NAT SBS 2008 SharePoint
      move selected rules before this rule edit
      delete add
      icon   IPv4 TCP * 80 (HTTP) 192.168.1.18 80 (HTTP) * none   NAT Web Server Http 18
      move selected rules before this rule edit
      delete add
      icon   IPv4 TCP/UDP 63.226.242.188 443 (HTTPS) 192.168.1.18 443 (HTTPS) * none   NAT Web Server 18
      move selected rules before this rule edit
      delete add
      icon   IPv4 TCP/UDP 63.226.242.189 80 (HTTP) 192.168.1.19 80 (HTTP) * none   NAT Web Server 19
      move selected rules before this rule edit
      delete add
      icon   IPv4 TCP/UDP 63.226.242.189 443 (HTTPS) 192.168.1.19 443 (HTTPS) * none   NAT Web Server 19
      move selected rules before this rule edit
      delete add
      icon   IPv4 TCP/UDP 63.226.242.187 53 (DNS) 192.168.1.17 53 (DNS) * none   NAT Secondary DNS
      move selected rules before this rule edit
      delete add
      icon   IPv4 TCP/UDP 63.226.242.186 80 (HTTP) 192.168.1.16 80 (HTTP) * none   NAT Alarm System
      move selected rules before this rule edit
      delete add
      icon   IPv4 TCP/UDP 63.226.242.186 443 (HTTPS) 192.168.1.16 443 (HTTPS) * none   NAT Alarm HTTPS
      move selected rules before this rule edit
      delete add

      1 Reply Last reply Reply Quote 0
      • stephenw10S
        stephenw10 Netgate Administrator
        last edited by

        Those look like firewall rules not port forward rules. (or NAT rules)

        Edit: Just to expand on that. You want to add port forward rules and use the 'Filter rule association' option to add the firewall rule automatically (which is the default behaviour).
        You may also want to use manual outbound NAT rules if you want traffic returning from your servers to use the IP Alias addresses as their source address.

        Steve

        1 Reply Last reply Reply Quote 0
        • First post
          Last post
        Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.