Welcome, Guest. Please login or register.
Did you miss your activation email?
+  pfSense Forum
|-+  pfSense English Support» NAT» Outbound Nat always using wan ip not assigned vip's
Username:
Password:
 
Home Help Search Login Register
 

Pages: [1]   Go Down
« previous next »
  Print  
Author Topic: Outbound Nat always using wan ip not assigned vip's  (Read 602 times)
0 Members and 1 Guest are viewing this topic.
Seumas
Newbie
*
Offline Offline

Posts: 2


View Profile
« on: November 15, 2008, 05:54:59 pm »
Read through the threads before I posted here, I did get an answer to what I was trying to do which is map outbound nat to a vip instead of the wan interface ip. Seems no matter how I configure it according to the posts I read, the outbound nat always gets the wan interface ip when I go to "whatismyip". I got the port forwarding from vip's working just fine, no problems, easy. The outbound is being a bit tricky. Anyways, here's my setup:
T1 connection with 4 external ip's. 4 servers, all windows. Exchange, citrix, web, and one just idle. I setup the vip's with my external ip address. created the port forwarding rules and firewall rules. All works fine, everything goes to where it is supposed to. The only problem I have is that all outbound traffic goes out via the wan interface ip address not the public ip's i have forwarded to the servers. This breaks active sync and causes a few issues in citrix. I set outbound NAT to manual and created a rule according to what the post I read said to do. For starters I just tried to set it so all outbound traffic from a specific server would go out on it's specific external IP. Then I tried just doing single ports. It never will show the right address. Here is how it is setup atm. Any pointers would be greatly appreciated.

Thanks in advance,
Seumas
« Last Edit: November 15, 2008, 05:58:31 pm by Seumas » Logged
kpa
Full Member
***
Offline Offline

Posts: 86


View Profile
« Reply #1 on: November 15, 2008, 06:39:47 pm »
Source port for outgoing http connection will never be 80 but some random port chosen by the operating system. Leave the source port blank and put 80 in the destination port field, also leave the port field in the translation part empty.
« Last Edit: November 15, 2008, 06:58:28 pm by kpa » Logged
Seumas
Newbie
*
Offline Offline

Posts: 2


View Profile
« Reply #2 on: November 16, 2008, 07:37:43 pm »
Thanks for the input, I tried it, even tried leaving the destination port blank so that all traffic outbound from that server would be directed out via it's public address. Still doesn't work, as a matter of fact, no internet connections work at all not even inbound. But when I change outbound back to automatic, internet connections work again but I am back to square one with all outbound traffic going out via the wan interface ip and not the server specific public ip's (virtual ip's) I assigned and active sync of course doesn't work then. I am not using 1:1 nat, just some virtual ip's on the wan interface for my public ip addresses and some port forwarding. Very simple configuration that has me stumped lol

If I have overlooked something please feel free to correct me, my ego is not a concern at this point in time LMAO

Thanks again,

Seumas
Logged
Pages: [1]   Go Up
  Print  
« previous next »
 
Jump to:  

 

Powered by SMF 1.1.9 | SMF © 2006-2009, Simple Machines LLC
Page created in 0.274 seconds with 19 queries.