NAT 1:1 problem



  • Hello everybody,
    I have a problem with my pfSense server: I want to make NAT 1:1 just to have each client from the internal network with his unique public IP over internet. pfSense router WAN ip : 89.xxx.yyy.yyy/30 and LAN IP : 192.168.100.1/25
    I have 89.xxx.xxx.0/25 public IP class from my ISP, and in my network 192.168.100.0/25.
    a) I added VIPs as an IP class 89.xxx.xxx.0/25
    b) I enabled 1:1 NAT: IP class 89.xxx.xxx.0/25 to my internal IP class 192.168.100.0/25.
    I don't need external access to those IPs, since their are not servers, and I skipped c) configuration of the firewall for external access.

    My problem is that after I enabled NAT 1:1, the internet connection from internal computers is dropping, from 1,5Mbps to 10kbps and each computer is with his corresponding public IP.
    It is something related to the fact that my LAN IP of the router is also related to an VIP (89.xxx.xxx.1) ?



  • I was wondering if you ever solved this issue. I seem to be having a similar issue with my DMZ. I have a /28 public subnet that I have NAT 1:1 into my DMZ. The systems in the DMZ can't get out with NAT 1:1 enabled and mapped from the public IPs to their private IPs.

    EDIT: Scratch the inbound working fine. It only works if I connect to OpenVPN. Inbound NAT is hosed too.



  • It was a problem from my ISP. It is working now.


Locked