Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Outbound NAT not working…

    Scheduled Pinned Locked Moved NAT
    4 Posts 2 Posters 3.2k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • M
      mstgeo
      last edited by

      Hi,

      I have a problem with outbound NAT for my LAN, WiFi and DMZ networks….  My config is as below:
      WAN    192.168.1.0/24 * * * 191.119.158.30 * NO   (LAN)
      WAN    192.168.250.0/24 * * * 191.119.158.35 * NO   (WiFi)
      WAN    10.0.0.0/24 * * * 191.119.158.20 * NO   (DMZ)

      WAN Interface IP address: 191.119.158.2 - always get it after install below packages... maybe I'm wrong...
      Virtual IPs are configured correctly and based on CARP.

      Have several public IPs from provider: 191.119.158.0-191.119.158.255

      Manual outbound is configured... but I still get WAN IP address whet I check out with http://whatismyip.com service... What can be wrong ? It worked.  After I installed squid, squidguard packages and snort it stopped to work ? What's wrong ? Anyone could help ? thanks very much

      Grzegorz Leskiewicz

      1 Reply Last reply Reply Quote 0
      • GruensFroeschliG
        GruensFroeschli
        last edited by

        Squid is a proxy.
        This proxy runs on pfSense itself.
        All services running on pfSense itself can only make use of the main WAN.

        We do what we must, because we can.

        Asking questions the smart way: http://www.catb.org/esr/faqs/smart-questions.html

        1 Reply Last reply Reply Quote 0
        • M
          mstgeo
          last edited by

          OK. I solved the problem yesterday, but I have one more question to you…

          1. I have several virtual IPs added to my WAN as I mentioned in the above post... When I reboot the pfsense machine the CARP is starting slowly... why ? is it normal ? For me it's rather strange...

          2. When I plan to add the new virtual IP and make an outbound for it (i mean to see a new internal address as new external IP), is it necessary to reload ? I think the apply changes doesn't work correct... ? am I wrong ? how can I solve it ? I tried to reload rules, etc. It seems to work after reboot, but I'd like not to reboot my firewall because of the amount of users working on the servers in DMZ from outside...

          Simple: How to reload rules so I can use new outbound with the new virtual IP (just added) without the need of rebooting pfsense :)

          thanx for a fast answer...

          Grzegorz Leskiewicz

          1 Reply Last reply Reply Quote 0
          • GruensFroeschliG
            GruensFroeschli
            last edited by

            I think there are a few threads about the long wait for CARP interfaces during bootup.
            As far as i know the problem is solved for the next version.

            Hmmm. I've never experienced that i had to reboot to get CARP IP's working.
            Are you sure you've waited long enough?
            A reload can, depending on your setup, take quite a while.

            We do what we must, because we can.

            Asking questions the smart way: http://www.catb.org/esr/faqs/smart-questions.html

            1 Reply Last reply Reply Quote 0
            • First post
              Last post
            Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.