4. Outbound NAT not working…

Outbound NAT not working…

  • M

    Hi,

    I have a problem with outbound NAT for my LAN, WiFi and DMZ networks….  My config is as below:
    WAN    192.168.1.0/24 * * * 191.119.158.30 * NO   (LAN)
    WAN    192.168.250.0/24 * * * 191.119.158.35 * NO   (WiFi)
    WAN    10.0.0.0/24 * * * 191.119.158.20 * NO   (DMZ)

    WAN Interface IP address: 191.119.158.2 - always get it after install below packages... maybe I'm wrong...
    Virtual IPs are configured correctly and based on CARP.

    Have several public IPs from provider: 191.119.158.0-191.119.158.255

    Manual outbound is configured... but I still get WAN IP address whet I check out with http://whatismyip.com service... What can be wrong ? It worked.  After I installed squid, squidguard packages and snort it stopped to work ? What's wrong ? Anyone could help ? thanks very much

    Grzegorz Leskiewicz

    0

  • Squid is a proxy.
    This proxy runs on pfSense itself.
    All services running on pfSense itself can only make use of the main WAN.

    0
  • M

    OK. I solved the problem yesterday, but I have one more question to you…

    1. I have several virtual IPs added to my WAN as I mentioned in the above post... When I reboot the pfsense machine the CARP is starting slowly... why ? is it normal ? For me it's rather strange...

    2. When I plan to add the new virtual IP and make an outbound for it (i mean to see a new internal address as new external IP), is it necessary to reload ? I think the apply changes doesn't work correct... ? am I wrong ? how can I solve it ? I tried to reload rules, etc. It seems to work after reboot, but I'd like not to reboot my firewall because of the amount of users working on the servers in DMZ from outside...

    Simple: How to reload rules so I can use new outbound with the new virtual IP (just added) without the need of rebooting pfsense :)

    thanx for a fast answer...

    Grzegorz Leskiewicz

    0

  • I think there are a few threads about the long wait for CARP interfaces during bootup.
    As far as i know the problem is solved for the next version.

    Hmmm. I've never experienced that i had to reboot to get CARP IP's working.
    Are you sure you've waited long enough?
    A reload can, depending on your setup, take quite a while.

    0
Log in to reply
 

Products

Services

Support

News

Resources

Company

Our Mission

We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive for past announcements.

© Copyright 2002 - 2019 Rubicon Communications, LLC | Privacy Policy