This is kicking my butt…



  • I have read the forum for 3 days now and I just can't find the answer anywhere so far. I installed and basically configured pfSense and I can get out to the internet and can even get to the web interface of the pfSense via a public IP address, but I can't get to any of my other servers and VoIP gateways inside my internal network. The firewall log shows the connection was allowed, but I never get the page.
    I have 2 different ranges of external IPs (5 on each subnet) coming in with 2 different gateways.

    LAN
    192.168.0.0, 192.168.1.0, 192.168.2.0 subnet 255.255.252.0 gateway 192.168.0.250 (gateway of pfs)

    Ex Range 1
    x9.3x.8x.168 - x9.3x.8x.173 subnet 255.255.255.0 gateway x9.3x.8x.174
    my pfSense WAN IP is x9.3x.8x.172
    I set the default gateway of the pfs to the above.

    Ex Range 2
    x6.x4.1x6.50 - x6.x4.1x6.54 subnet 255.255.255.248 gateway x6.x4.1x6.49
    my VoIP gateway address is: 192.168.0.10

    WAN Rules - so far

    Proto  Source         Port  Destination    Port  Gateway  Schedule  Description

    *      ! WAN address  *     x9.3x.8x.172   *     *                  pfSense WAN Management  (If I remove the ! then can't get to the interface)

    TCP    ! WAN address  *     x6.x4.1x6.51   *     *                  Nortel BCM

    LAN Rule

    *      ! LAN address  *     *              *     *                  Default LAN  (If I remove the ! then can't get to the internet)

    Virtual IP - as a test

    x6.x4.1x6.51/29    Nortel BCM 50

    NAT 1:1

    Interface  External IP       Internal IP       Description

    WAN        x6.x4.1x6.51/32   192.168.0.10/32   Nortel BCM

    If I can get the BCM Link to work, I can get the rest of them…I hope.

    Thanks in advance!

    mike



  • Another case of the infamous Enable NAT Reflection?

    Log in to WebGUI and go to System/Advanced and uncheck the Disable NAT Reflection.



  • Thanks for the reply, I unchecked the feature and still no connection to inside server.



  • NAT reflection does not work for 1:1 NAT.
    http://forum.pfsense.org/index.php/topic,7001.0.html



  • Thanks again, it works perfectly!!! You guys are geniuses!

