pfSense Gold Subscription

Author Topic: Outbound NAT'ing - unable to reach internet from behind the pfsense  (Read 112 times)

0 Members and 1 Guest are viewing this topic.

Offline drazil

  • Newbie
  • *
  • Posts: 1
  • Karma: +0/-0
    • View Profile
Outbound NAT'ing does not seem to work. My WAN interface is a /29 issued by our ISP

From the Pfsense I can reach the internet, however devices behind the pfsense cannot. The packet reaches the internal interface of the pfsense and then nothing.  My automatic rule looks like this:  Interface:  WAN   192.168.128.0/17    source port:   *     Destination:      *    Destination Port:   *       NAT Address: WAN address    NAT port:   *     Static Port  =>(linked rule icon)    Description:  Auto created rule.

I have tried Outbound NAT mode: Automatic as well as Hybrid

Any ideas why outbound NAT's is not functioning as expected?

Online viragomann

  • Hero Member
  • *****
  • Posts: 2499
  • Karma: +264/-1
    • View Profile
Re: Outbound NAT'ing - unable to reach internet from behind the pfsense
« Reply #1 on: November 07, 2017, 12:06:09 pm »
Why do you think the Outbound NAT doesn't work?
Have you done a packet capture on WAN? If yes, please post the output.

Can you resolve public host names on a LAN device?

Offline johnpoz

  • Hero Member
  • *****
  • Posts: 14295
  • Karma: +1330/-193
  • Not a pfSense employee, they cannot fire me...
    • View Profile
Re: Outbound NAT'ing - unable to reach internet from behind the pfsense
« Reply #2 on: November 07, 2017, 02:02:16 pm »
"WAN   192.168.128.0/17"

Huh?

What is it with people and ascii art.. Can you not just take a screen shot and post exactly what your seeing..

Doesn't like every OS on the planet that has a gui currently have a built in screen snipping tool..

https://support.microsoft.com/en-us/help/13776/windows-use-snipping-tool-to-capture-screenshots
https://www.itg.ias.edu/content/keyboard-shortcuts-capture-screen-shot-mac-os-x
https://www.howtogeek.com/268036/how-to-take-a-screenshot-on-linux/

Firefox added a screenshot util even.
https://support.mozilla.org/en-US/kb/firefox-screenshots

Chrome OS
Press Ctrl + switch window. (For non-Chrome OS keyboards, press Ctrl + F5.)
Your screenshot is saved as a PNG file in your "Downloads" folder.

Why do we constantly have to deal with this ascii art nonsense??

Took me less time to look up all the different ways to take screen shots and post them then try and figure out what that is suppose to be telling me.. So your running 192.168.128.0/17 on your lan side network??  Why???  You really have that many hosts?  Do you have a shit ton of downstream networks?
- An intelligent man is sometimes forced to be drunk to spend time with his fools.
- Please don't PM me for personal help
- if you want to say thanks applaud or https://www.freebsdfoundation.org/donate/
1x SG-2440 2.3.4_p1 (work)
1x 2.4.2-RELEASE on VM esxi 6.5 (home)

Online viragomann

  • Hero Member
  • *****
  • Posts: 2499
  • Karma: +264/-1
    • View Profile
Re: Outbound NAT'ing - unable to reach internet from behind the pfsense
« Reply #3 on: November 07, 2017, 02:39:55 pm »
"WAN   192.168.128.0/17"

Huh?
That's the outbound NAT rule, so 192.168.128.0/17 is presumably the LAN network.

However, the "Huh?" is appropriate though.  ;)