Navigation

    Netgate Discussion Forum
    • Register
    • Login
    • Search
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search

    NAT With Multiple IPs Issue

    NAT
    3
    5
    828
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • P
      Pfsenseuser24 last edited by

      I am a bit confused on why this is not working, here is my scenario

      -Pfsense management IP set to 1.1.1.1
      -1.1.1.2 set as a virtual IP
      -NAT 1:1 1.1.1.2 to 10.0.0.160

      When I try to Port Forward port 80 to 1.1.1.2 or 10.0.0.160 it brings me to the Pfsense management interface instead.

      What do I need to do so that if I am trying to access 1.1.1.2:80 that it knows to bring me to 10.0.0.160:80 ?

      1 Reply Last reply Reply Quote 0
      • M
        muswellhillbilly last edited by

        I'm making an assumption here that 1.1.1.1 is your WAN IP and that your internal LAN network is 10.0.0.x. It would help knowing if this is the case and what your firewall/NAT rules are before making any guesses. I also don't quite see how connecting to 10.0.0.160 (internally, I'm guessing - again) would take you to the PFS management console, unless you're doing some wierd and wonderful routing somewhere.

        Start by posting screenshots of your NAT and firewall rules. And clarify which are your LAN and WAN connections, please.

        1 Reply Last reply Reply Quote 0
        • P
          Pfsenseuser24 last edited by

          @muswellhillbilly:

          I'm making an assumption here that 1.1.1.1 is your WAN IP and that your internal LAN network is 10.0.0.x. It would help knowing if this is the case and what your firewall/NAT rules are before making any guesses. I also don't quite see how connecting to 10.0.0.160 (internally, I'm guessing - again) would take you to the PFS management console, unless you're doing some wierd and wonderful routing somewhere.

          Start by posting screenshots of your NAT and firewall rules. And clarify which are your LAN and WAN connections, please.

          1.1.1.1 = WAN IP #1
          1.1.1.2 = WAN IP #2

          10.10.10.1 = LAN Pfsense Mgmt IP
          10.0.0.160 = LAN Web Server

          My question is really, if you have 2 WAN IPs, how does pfsense know which to port forward if both are listening on the same port?

          1 Reply Last reply Reply Quote 0
          • Derelict
            Derelict LAYER 8 Netgate last edited by

            Port forwards are an IP_Address:port combination.

            IP_Address1:80 can forward somewhere differently that IP_Address2:80.

            It is said again and again that port forwards take precedence over the firewall listening on a port yet COUNTLESS people report he same result as you are. Ima test this right now.

            1 Reply Last reply Reply Quote 0
            • Derelict
              Derelict LAYER 8 Netgate last edited by

              System > Advanced, Admin Access tab

              Protocol: HTTPS
              TCP Port: blank
              WebGUI redirect: unchecked (enabled)

              Firewall > NAT, Port Forward tab

              Interface: WAN
              Protocol: TCP
              Destination: WAN address
              Destination port range: HTTP
              Redirect target IP: 172.26.0.100
              Redirect target port: HTTP
              Description: Pass HTTP to web server
              Filter rule association: Rule NAT Pass HTTP to web server (Auto-created)

              http://172.27.0.5/ I get the forwarded web server.

              I have no idea why people say they get the WebGUI. Probably testing from inside or something equally wrong.

              ![Screen Shot 2016-03-13 at 5.41.16 PM.png](/public/imported_attachments/1/Screen Shot 2016-03-13 at 5.41.16 PM.png)
              ![Screen Shot 2016-03-13 at 5.41.16 PM.png_thumb](/public/imported_attachments/1/Screen Shot 2016-03-13 at 5.41.16 PM.png_thumb)

              1 Reply Last reply Reply Quote 0
              • First post
                Last post

              Products

              • Platform Overview
              • TNSR
              • pfSense
              • Appliances

              Services

              • Training
              • Professional Services

              Support

              • Subscription Plans
              • Contact Support
              • Product Lifecycle
              • Documentation

              News

              • Media Coverage
              • Press
              • Events

              Resources

              • Blog
              • FAQ
              • Find a Partner
              • Resource Library
              • Security Information

              Company

              • About Us
              • Careers
              • Partners
              • Contact Us
              • Legal
              Our Mission

              We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

              Subscribe to our Newsletter

              Product information, software announcements, and special offers. See our newsletter archive to sign up for future newsletters and to read past announcements.

              © 2021 Rubicon Communications, LLC | Privacy Policy