Topic: LAN side internal load-balance. Help!

romp
LAN side internal load-balance. Help!
« on: May 19, 2012, 08:41:00 pm »
I have a problem that seems like it should be easy to do, but pfSense hates me.

I have several SMTP servers.  I would like to be able to load balance them when one of our LAN servers sends emails.  I do not need nor want it accessible from the WAN.

For example,

  LAN interface:
  Load Balance IP:
  Pool IPs;

Yes, they are all in the same subnet.

If I telnet (port 25) directly to the SMTP servers (eg I can connect fine.  If I try the same with, nada.

I have seen information saying that I need to do NAT Reflection or something, but I can't figure out where, how, or what to add.

Please help.

marcelloc
Re: LAN side internal load-balance. Help!
« Reply #1 on: May 19, 2012, 09:49:51 pm »

pfSense does not hate you, it's just doing what you configured :)

See what is happening:
workstation asks a smtp connection forward this request to pool member accepts the request and answer ok to rejects the message as it asked for a connection.

Forcing source ip to while talking to using an outbound nat rule will fix this communication issue.
You may need to change outbound nat to manual before applying the rule.

Marcello Coutinho
« Last Edit: May 19, 2012, 09:52:56 pm by marcelloc »
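
The packet flow described in the reply above, traced as an added example that is not part of the original thread. All addresses are constructed (RFC 5737 documentation range) because the thread's real IPs are not shown, and `simulate` is a hypothetical helper, not a pfSense API.

```python
# Constructed addresses: every host sits in the same LAN subnet.
CLIENT = "192.0.2.50"    # LAN server that sends mail
VIP = "192.0.2.10"       # load-balancer virtual IP on the firewall
FIREWALL = "192.0.2.1"   # firewall's own LAN address
POOL = "192.0.2.21"      # one SMTP pool member


def simulate(source_nat: bool) -> dict:
    """Trace one TCP handshake through a same-subnet load balancer."""
    # 1. The client dials the VIP and will only accept answers from it.
    syn = {"src": CLIENT, "dst": VIP}
    expected_peer = syn["dst"]

    # 2. The firewall rewrites the destination to a pool member. With the
    #    outbound NAT rule it also rewrites the source to its LAN address.
    fwd = {"src": FIREWALL if source_nat else CLIENT, "dst": POOL}
    state = {"orig": syn, "translated": fwd}

    # 3. The pool member answers whichever source address it saw.
    reply = {"src": POOL, "dst": fwd["src"]}

    # 4. On a shared subnet a reply addressed to the client is delivered
    #    directly and never crosses the firewall, so nothing undoes the NAT.
    via_firewall = reply["dst"] == FIREWALL
    if via_firewall:
        # The state entry restores the original addresses on the way back.
        reply = {"src": state["orig"]["dst"], "dst": state["orig"]["src"]}

    # 5. The client matches the reply against the peer it connected to.
    connected = reply["dst"] == CLIENT and reply["src"] == expected_peer
    return {
        "reply_src": reply["src"],
        "via_firewall": via_firewall,
        "connected": connected,
        "server_sees": fwd["src"],  # address that lands in the SMTP logs
    }


if __name__ == "__main__":
    for nat in (False, True):
        print("source NAT" if nat else "no source NAT", simulate(nat))
```

With the source rewritten, every connection reaches the SMTP servers from the firewall's address, so their logs and any IP-based relay restrictions no longer distinguish individual LAN hosts.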