1:1 NAT not working

  • I've had an ancient computer running version 2.0.1 for about 3 years now.  Today I upgraded to a SG-2440 running 2.2.4-RELEASE.

    The 1:1 NAT rule is not working.  For the life of me I can't figure it out…  It was working in 2.0.1 and it is not working in 2.2.4.  All I'm trying to do is forward traffic from to on my LAN.  In 2.0.1, I added a Virtual IP and 1:1 NAT.  In 2.2.4, it just doesn't want to work.  I've even tried it after doing a factory reset so that the only things configured are the WAN and LAN interfaces and the NAT configuration.

    The WAN IP is  If I add a rule to pass all ICMP packets, I can ping but not  I see no packets logged for the rule.  I suspect that the virtual IP is the problem.

    If I key everything below into 2.0.1, it works.  If I key it into 2.2.4, it doesn't.  Perhaps there's a setting somewhere in 2.0.1 that was set long ago that I'm not aware of.

  • I did some more reading this morning.  Maybe it's different now vs 4 years ago when 2.0.1 was built…

    The thread below suggests setting them up as CARP VIPs and forwarding the appropriate ports instead of doing 1:1.  I'll give that a shot tonight.


  • Where you able to resolve your issue?

    I'm having the exact same problem.  Just need to do a simple 1:1 NAT to a server and it's not getting through.

  • I had some problem when upgrading from a 2.1.x to 2.2.x, if you feel like trying then maybe you could try this.

    In System < Admin < NAT

    • Set "NAT Reflection mode for port forwards" to NAT + Proxy
    • Checked "Enables the automatic creation of additional NAT redirect rules for access to 1:1 mappings of your external IP addresses from within your internal networks"

Log in to reply