I'm doing something wrong…. (NAT to internal server)



  • I will do my best to keep my explanation brief. I'm piloting a PFSense box right now on an internal network (10.x.x.x).

    PFSense Primary "WAN" Address: 10.39.4.119
    PFSense Primary LAN Address: 192.168.1.1
    "Server" in question: 192.168.1.106
    External IP that should 1:1 to server: 10.39.3.100

    I have set up 10.39.3.100 as a VIP in PFSense. (Attached) I am able to ping it and get a response from an external machine after opening the appropriate firewall rules. I am currently running a continuous ping (ping -t). In the 1:1 NAT mapping, I have the pictured setup (Attached).

    Why do you think that the 10.39.3.100 address responds to pings, but doesn't seem to be correctly mapped to the "Server"? Disconnecting the server's ethernet port has no effect on the pings. They keep responding successfully. For reference, I am running a completely open firewall where traffic from anywhere on any port can flow both directions. I have automatic outbound NAT enabled.

    Where did I goof?






  • :(
    ….

    ....

    It was Windows Firewall's fault. epic facepalm

    All is well now. A quick disabling of the Win Firewall allowed RDP sessions and pings in and out, and PFSense's automatic outbound NAT took over admirably. :D
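
The fix reported above was to disable Windows Firewall on the server. As an added example (not part of the thread), the following keeps the firewall enabled and allows only ping and RDP from the network in front of the pfSense box. The source range `10.39.0.0/16` and the rule names are assumptions. The page gives only the 10.39.x.x addresses, not the netmask.

```powershell
# Added example, not from the thread. Run in an elevated PowerShell
# session on the server (192.168.1.106 in the post).

# ASSUMPTION: clients reaching the server through the 1:1 NAT come from this
# range. 1:1 NAT rewrites only the destination, so the server sees the
# client's original 10.x source address.
$AllowedSource = '10.39.0.0/16'

# Keep every firewall profile enabled instead of turning the firewall off.
Set-NetFirewallProfile -Profile Domain,Private,Public -Enabled True

# Show which profile the network interface is currently classified under.
Get-NetConnectionProfile | Select-Object InterfaceAlias, NetworkCategory

# Inbound ICMPv4 echo request (type 8), limited to the assumed source range.
$pingRule = 'Allow ICMPv4 echo from NAT clients (example)'   # hypothetical name
if (-not (Get-NetFirewallRule -DisplayName $pingRule -ErrorAction SilentlyContinue)) {
    New-NetFirewallRule -DisplayName $pingRule -Direction Inbound `
        -Protocol ICMPv4 -IcmpType 8 -RemoteAddress $AllowedSource `
        -Action Allow -Profile Any | Out-Null
}

# Inbound RDP (TCP 3389) with the same source restriction.
$rdpRule = 'Allow RDP from NAT clients (example)'            # hypothetical name
if (-not (Get-NetFirewallRule -DisplayName $rdpRule -ErrorAction SilentlyContinue)) {
    New-NetFirewallRule -DisplayName $rdpRule -Direction Inbound `
        -Protocol TCP -LocalPort 3389 -RemoteAddress $AllowedSource `
        -Action Allow -Profile Any | Out-Null
}

# Verify: list both rules with their enabled state and allowed remote range.
Get-NetFirewallRule -DisplayName $pingRule, $rdpRule | ForEach-Object {
    $addr = $_ | Get-NetFirewallAddressFilter
    [pscustomobject]@{
        Rule    = $_.DisplayName
        Enabled = $_.Enabled
        Remote  = $addr.RemoteAddress -join ','
    }
}
```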

