Netgate Discussion Forum

    1:1 NAT and Loopback/Reflection?

      mevans336

      We use 1:1 NAT for all our public IPs, which are configured as CARP IPs since we have an HA pair of pfSense 2.2.2 devices. Even though NAT reflection is enabled, no internal machines can hit our external FQDN without getting the pfSense admin login page. (I enabled it for WAN access.)

      To date, we've simply used internal DNS trickery to work around it, but it's at the point now where it's such a PITA that I'd like to fix it so it just works, without DNS hacks and hosts files.

      Is it possible, or is it just a limitation of the way we have pfSense configured?

        doktornotor Banned

        DNS is the proper way to do it. Playing ping-pong with packets is not.

          zephxiii

          ugh, make me manage a split DNS system instead of being lazy cuz it already worked!! Makes sense if you are moving a lot of data but for small stuff, meh.

          Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.