Outbound NAT - pfsense - 4.1-RELEASE
Liz
New Member Posts: 2 ✭
Outbound NAT'ing does not seem to work.
From the Pfsense I can reach the internet, however devices behind the pfsense cannot. The packet reaches the internal interface of the pfsense and then nothing. My automatic rule looks like this: Interface: WAN 192.168.128.0/17 source port: * Destination: * Destination Port: * NAT Address: WAN address NAT port: * Static Port =>(linked rule icon) Description: Auto created rule.
I have tried Outbound NAT mode: Automatic as well as Hybrid
Any ideas why outbound NAT's is not functioning as expected?
From the Pfsense I can reach the internet, however devices behind the pfsense cannot. The packet reaches the internal interface of the pfsense and then nothing. My automatic rule looks like this: Interface: WAN 192.168.128.0/17 source port: * Destination: * Destination Port: * NAT Address: WAN address NAT port: * Static Port =>(linked rule icon) Description: Auto created rule.
I have tried Outbound NAT mode: Automatic as well as Hybrid
Any ideas why outbound NAT's is not functioning as expected?
Comments
-
I'd reach out on the pfSense forums.
I've installed 4 different versions of pfSense on two UP Squared boards with default settings - and they were able to route clients from behind the NAT right out of the gate.
EDIT: one thing I did notice is how finicky USB drives are for installing operating systems. It took several re-imaging ISOs with Etcher, even though Etcher "Verified" each ISO write to USB, to get successful operating systems loaded on the UP2. I've noticed random files that were corrupted on the USB sticks i was using.
I mentioned I installed pfSense 4 times on 2 boards: it was like after 2 or 3 attempts with 2 or so USB sticks, for each successful installation. Even after one successful installation, re-using the USB sometimes didn't even work (which in turn made me pull down another nightly snapshot of pfSense to install).
So my advice would be to try installing pfSense again, and maybe a 3rd time for good measure. I have high quality USB sticks but it didn't seem to matter.
I only found out about how bad imaging USB sticks are after my QubesOS installations. They embed a hash to verify the USB stick before installation, to ensure it hasn't been tampered with. 4 out of 5 times, it always fails with various ISO imaging software (Rufus, Etcher, etc). It's difficult to get a stick that passes QubesOS' verification process.
I only wish more ISOs would use this self-verification process to ensure the ISO written to USB was 100% exact before installing.
Otherwise, hit up the pfSense forums.Eric Duncan - UP Evangelist - My thoughts are of my own free will
Answered? Please remember to mark the posted answered to highlight it for future visitors!
-
Thanks. i'll be sure to update what I find.