Cannot get NAT to work

hansru

hello,

I'm getting really frustrated. I have problems with getting NAT properly working. I have on two locations PfSense and it is partly working

Config:

DLS modem                  –--------              PfSense 1.2RC3 (Alix 2c1)
10.0.0.138                                              vr(1) WAN 10.0.0.10 via DHCP
DMZ --> 10.0.0.10                                    vr(2) DMZ  192.168.16.1/24 DHCP server  -- Laptop
                                                            vr(0) LAN  192.168.1.1/24 DHCP server -- sonicwall SSL-VPN200

The sonicwall has a fixed IP address 192.168.1.5 on the LAN segment. I've created a NAT rule as the SSL devices requests access through port 443. I've created a Nat rule:

IF          PROTO              EXT                    NAT IP                  INT PORT RANGE
WAN      TCP                  443(HTTPS)        192.168.1.5            443(HTTPS)

The system created a rule on the WAN Interface allowing TCP access from any source, any port to 192.168.1.5 port 443 and any gateway and any schedule.

however it doesnot work when I try to access the sonicwall under https://mydomain.com. I can ping the sonicwall from the PfSense router, but only on the DMZ interface, not on the WAN interface.
I've tried everything, but do not know what I'm doing wrong

thanks for any suggestion or idea.
regards,
Hans

GruensFroeschli

http://forum.pfsense.org/index.php/topic,7001.0.html

uncheck "Block private networks" on WAN
uncheck "disable NAT reflection" in advanced

hansru

Hello thanks,

made a change to the configuration. Now the SSL-VPN is in the DMZ and surpringly it now works. Tried to check all differences. Only special thing was a suspicious DHPC reservation for the laptop.

Still wonder what the problem was..

regards,
Hans