Bug #13283: PBR forcing traffic out one WAN and back into another WAN with NAT Reflection Fails - pfSense Plus - pfSense bugtracker

Actions

Copy link

Bug #13283

closed

PBR forcing traffic out one WAN and back into another WAN with NAT Reflection Fails

Added by Kris Phillips about 3 years ago. Updated about 3 years ago.

Status:

Not a Bug

Priority:

Normal

Assignee:

Category:

NAT Reflection

Target version:

Start date:

Due date:

% Done:

Estimated time:

Release Notes:

Default

Affected Plus Version:

Affected Architecture:

All

Description

Assuming the following configuration:
2 WAN interfaces WAN1 and WAN2
One LAN interface with Host A and Host B.
Host A is hosting a service on 443 that is port forwarded on port 443 externally on WAN1
Host B has a PBR forcing traffic for any destination out WAN2

In this configuration, when Host B tries to access the Port Forward for HTTPS 443 on Host A by the WAN1 address, NAT reflection should rewrite the destination IP to the private address. This occurs and traffic will show up on neither WAN1 or WAN2 in a pcap and only on LAN, but the connection will never be made and Host B is unable to connect to Host A.

Actions

Copy link

Also available in: Atom PDF

Project

General

Profile

pfSense » pfSense Plus

Custom queries

Bug #13283

PBR forcing traffic out one WAN and back into another WAN with NAT Reflection Fails

Updated by Marcos M about 3 years ago