Cannot get NAT to work



  • Hello,

    I'm getting really frustrated. I have problems getting NAT working properly. I have PfSense at two locations and it is partly working.

    Config:

    DSL modem            ---------    PfSense 1.2RC3 (Alix 2c1)
    10.0.0.138                        vr(1) WAN  10.0.0.10 via DHCP
    DMZ --> 10.0.0.10                 vr(2) DMZ  192.168.16.1/24 DHCP server -- Laptop
                                      vr(0) LAN  192.168.1.1/24 DHCP server -- sonicwall SSL-VPN200

    The sonicwall has a fixed IP address 192.168.1.5 on the LAN segment. I've created a NAT rule as the SSL device requests access through port 443. I've created a NAT rule:

    IF     PROTO    EXT           NAT IP         INT PORT RANGE
    WAN    TCP      443(HTTPS)    192.168.1.5    443(HTTPS)

    The system created a rule on the WAN Interface allowing TCP access from any source, any port to 192.168.1.5 port 443 and any gateway and any schedule.

    However, it does not work when I try to access the sonicwall under https://mydomain.com. I can ping the sonicwall from the PfSense router, but only on the DMZ interface, not on the WAN interface.
    I've tried everything, but do not know what I'm doing wrong.

    thanks for any suggestion or idea.
    regards,
    Hans



  • http://forum.pfsense.org/index.php/topic,7001.0.html

    uncheck "Block private networks" on WAN
    uncheck "disable NAT reflection" in advanced



  • Hello thanks,

    Made a change to the configuration. Now the SSL-VPN is in the DMZ and surprisingly it now works. Tried to check all differences. Only special thing was a suspicious DHCP reservation for the laptop.

    Still wonder what the problem was..

    regards,
    Hans

