Static routes & nat - a bug?

ilyaa

Hello!

pfSense 2.1.3
I've two WAN ifs: RT with gateway 212.14.214.254 (default) and DMZ - 192.168.200.200 with gateway 192.168.200.5
LAN interface has IP 192.168.183.107.
On the DMZ subnet there is another router (192.168.200.2) with direct link to 94.247.0.0/16 net.

I want my lan to be able to reach 94.247.0.0/16 net through 192.168.200.2.
I think, I need a static route for that.

Without additional routes trace looks like this:```
  1    <1 мс    <1 мс    <1 мс  192.168.183.107
  2    2 ms    2 ms    3 ms  212.14.214.254
  3    7 ms    9 ms    89 ms  94.247.56.233
  4    <1 мс    <1 мс    <1 мс  94.247.56.234
...

It used default gateway as expected.

After setting static route for 94.247.0.0/16 to go through 192.168.200.2 trace looks like this:```
  1    <1 мс    <1 мс    <1 мс  192.168.183.107
  2    <1 мс    <1 мс     1 ms  192.168.200.5
  3    81 ms     2 ms     2 ms  212.14.192.24
  4    13 ms     9 ms     8 ms  94.247.56.233
...

It uses gateway I've set on DMZ interface, not 192.168.200.2.

If I switch outbound NAT to manual and delete rules belonging to DMZ it starts to work as expected:```
  1    <1 мс    <1 мс    <1 мс  192.168.183.107
  2    <1 мс    1 ms    1 ms  192.168.200.2
  3    *        *    ^C

It uses right gateway but fail to reach site without NAT.

I need to understand, why with NAT pfSense uses wrong gateway.
Any ideas?
I'll be happy to provide any additional info.

sacristiano

Hello Ilyaa,

Have you obtained clarification on this issue? I'm also looking into this in CE version 2.6, please give me a light.

Thank you