Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Cannot get NAT to work

    Scheduled Pinned Locked Moved NAT
    3 Posts 2 Posters 2.0k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • H
      hansru
      last edited by

      hello,

      I'm getting really frustrated. I have problems with getting NAT properly working. I have on two locations PfSense and it is partly working

      Config:

      DLS modem                  –--------              PfSense 1.2RC3 (Alix 2c1)
      10.0.0.138                                              vr(1) WAN 10.0.0.10 via DHCP
      DMZ --> 10.0.0.10                                    vr(2) DMZ  192.168.16.1/24 DHCP server  -- Laptop
                                                                  vr(0) LAN  192.168.1.1/24 DHCP server -- sonicwall SSL-VPN200

      The sonicwall has a fixed IP address 192.168.1.5 on the LAN segment. I've created a NAT rule as the SSL devices requests access through port 443. I've created a Nat rule:

      IF          PROTO              EXT                    NAT IP                  INT PORT RANGE
      WAN      TCP                  443(HTTPS)        192.168.1.5            443(HTTPS)

      The system created a rule on the WAN Interface allowing TCP access from any source, any port to 192.168.1.5 port 443 and any gateway and any schedule.

      however it doesnot work when I try to access the sonicwall under https://mydomain.com. I can ping the sonicwall from the PfSense router, but only on the DMZ interface, not on the WAN interface.
      I've tried everything, but do not know what I'm doing wrong

      thanks for any suggestion or idea.
      regards,
      Hans

      1 Reply Last reply Reply Quote 0
      • GruensFroeschliG
        GruensFroeschli
        last edited by

        http://forum.pfsense.org/index.php/topic,7001.0.html

        uncheck "Block private networks" on WAN
        uncheck "disable NAT reflection" in advanced

        We do what we must, because we can.

        Asking questions the smart way: http://www.catb.org/esr/faqs/smart-questions.html

        1 Reply Last reply Reply Quote 0
        • H
          hansru
          last edited by

          Hello thanks,

          made a change to the configuration. Now the SSL-VPN is in the DMZ and surpringly it now works. Tried to check all differences. Only special thing was a suspicious DHPC reservation for the laptop.

          Still wonder what the problem was..

          regards,
          Hans

          1 Reply Last reply Reply Quote 0
          • First post
            Last post
          Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.