Bug #11188
closed
Update:
I also have the same issues with NPt IPv6, not only with IPv4 NAT. On 2.4.5 and before it was working fine for both WAN01 and WAN02.
To me it looks like the reply-to autorule is broken with NAT\NPt or something near there.
I rechecked all of system_advanced_firewall.php and I do not have enabled:
- Static route filtering
- Disable reply-to on WAN rules
- Disable Negate rule on policy routing rules
I have enabled:
- NAT Reflection mode in Pure NAT
- Enable NAT Reflection for 1:1 NAT
- Enable automatic outbound NAT for Reflection
I tried to disable\change NAT reflection on specific NAT rules, and tried to enable\disable one by one the system_advanced_firewall.php settings mentioned at top, but nothing helps.
I see on the firewall tab that I have a connection by the allow rule, but from the client it is not reachable. If, for example, I simply bind the service to the needed IP on pfSense without NAT, it starts to work correctly for IPv4. If I remove NPt it also starts to work correctly.
More symptoms:
If my WAN01 is the default TIER1, I can only connect to the WAN01 IPv4 and IPv6 from outside, but not the WAN02 IPs. If I swap priority between WAN02 and WAN01, I can only connect to WAN02 now. The strangest part is that if I mark the TIER1 GW as DOWN, then I can access both WAN01 and WAN02 IPs from outside! For NPt, if I move WAN02IPV6 to TIER1 and WAN01IPV6 to TIER2, I also have access to both IPs from outside. I can also access any WAN IPs from LAN, not related to what is going outside.
- Status changed from New to Resolved