Bug #2777

closed

NAT port forwarding doesn't work in Multi-WAN configuration if the first WAN interface has a higher Tier.

Added by Marvin Klose about 11 years ago. Updated over 8 years ago.

Status: Rejected
Priority: High
Assignee: -
Category: Multi-WAN
Target version: -
Start date: 01/24/2013
Due date:
% Done: 0%
Estimated time: 1.00 h
Plus Target Version:
Release Notes:
Affected Version: 2.0.x
Affected Architecture:

Description

NAT (port forwarding) doesn't work with Multi-WAN when the first WAN1 interface has a higher Priority (Tier), or no Gateway Group is used and the first WAN1 is set as default.
If I use the WAN2 interface as default or higher Tier, everything is OK.
I solved the problem for me by switching the assignment of the two WAN interfaces.
I think that if WAN1 is default or higher, traffic always leaves the pfSense over it.
With WAN2 as default or higher Tier, it leaves from where it comes.
With the same Tier on both interfaces it works, too.

Actions #1

Updated by Jim Pingle about 11 years ago

  • Status changed from New to Rejected

Port Forwarding (inbound) has nothing to do with Gateway Groups (outbound).

Please post in the forum for a more thorough diagnosis to rule out a configuration error before opening a ticket.

Actions #2

Updated by Anonymous about 11 years ago

I have had the exact same issue. So we already know it's multiple affected users.

The issue is in the default routing table of pfSense (my guess).

When you go to Diagnostics: Routing tables, look at your first IPv4 default route. You will notice the gateway IP will be your 'WAN' connection (the default NIC that pfSense sets in the initial setup as your 'WAN').

The issue at hand is when you are trying to NAT and have a Gateway Group that is using load balancing with 2 WAN gateways set as Tier 1:

SERVER 1 (Port80) ---------------> ----Tier 1----------> 'WAN'
SWITCH -----------> PFSENSE
SERVER 2 (Port80) ---------------> ----Tier 1----------> 'OPT1'

Now when you have this config and you check to see if the port is open, it will be open on 'WAN'. Now no matter what you check or what I do, I have been unable to have the port open on 'OPT1'. The only way I have fixed this issue is the same as Marv above: if you set the 'OPT1' gateway as default and check the port, it will be open. Go back and un-default 'OPT1' so there is no default again, just as the Multi-WAN gateway load balance should be. It will work. You can also refer to my post: http://forum.pfsense.org/index.php/topic,57927.0.html

This is a BUG, please do not disregard.

Actions #3

Updated by Jim Pingle about 11 years ago

Please discuss it on the forum until a developer confirms a bug exists.

You still could have a configuration issue (e.g. You don't have the gateway selected on the Interface screen, resulting in a lack of reply-to on the rules, or you have reply-to disabled for some reason).

Actions #4

Updated by Anonymous about 11 years ago

OK, so you know what? That's fine. You guys don't think it's a bug. It's pathetic: pfSense is the most powerful open source firewall, but when ignorance like this is taken, it makes me have very little faith in the open source community.

TAKE IT TO THE LAB AND PROVE IT'S NOT A BUG. I have taken this to the lab for over 3 weeks, and Marv here also. I know for a fact we 2 are not the only users that have had this issue.

Don't trust me, Jim. Go test it yourself; this is NOT a configuration issue. Go see my post, reply 10: with that config it works. And it will work the first time with no issue; then if you make a change in the config, the only way to get NAT to work on both WAN IPs is if you go to your system gateways, select the OPT1 interface, make that the default gateway, save, then go back and un-default it so now you have no defaults, and NAT will work again.

IF THAT'S NOT A BUG, then I need to go back and re-educate myself ;)

Actions #5

Updated by Jim Pingle about 11 years ago

Robert Stefanovic wrote:

> OK, so you know what? That's fine. You guys don't think it's a bug. It's pathetic: pfSense is the most powerful open source firewall, but when ignorance like this is taken, it makes me have very little faith in the open source community.

The main problem is that you're not following procedure or listening to what I'm saying here. There is no link to the forum post on the ticket, so no context. There was, until late last night, no developer commenting on the thread that I just happened to stumble upon in the forum.

> TAKE IT TO THE LAB AND PROVE IT'S NOT A BUG. I have taken this to the lab for over 3 weeks, and Marv here also.

The burden is not on the developers to prove it's not a bug. We can't test every possible combination of configuration options. We need as much detail as possible about a person's config to narrow things down, and there are key parts missing from the forum post.

> I know for a fact we 2 are not the only users that have had this issue.

I only see you and the other guy in the thread. Where are the others? I set this up several times every week for customers, and there are hundreds/thousands of them working fine.

> Don't trust me, Jim. Go test it yourself; this is NOT a configuration issue. Go see my post, reply 10: with that config it works. And it will work the first time with no issue; then if you make a change in the config, the only way to get NAT to work on both WAN IPs is if you go to your system gateways, select the OPT1 interface, make that the default gateway, save, then go back and un-default it so now you have no defaults, and NAT will work again.

There is no copy of the raw config.xml or /tmp/rules.debug to test it myself.

> IF THAT'S NOT A BUG, then I need to go back and re-educate myself ;)

If what the last posts on the thread indicate is true, it is a configuration issue. Not a bug. Don't use 'rdr pass' for multi-wan port forwards.

But the real issue here is that this discussion belongs on the forum until a developer confirms if it's a bug or not. There is not enough raw info on the thread to tell anything definitively. Opening a ticket was premature. If we get info that does confirm it's a bug, then we can open a ticket. But that's the proper procedure.
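
Added example, not part of the ticket and not pfSense code: a short Python audit of pf rules in the style of /tmp/rules.debug that flags the two conditions raised in the comments above, 'rdr pass' port forwards and inbound pass rules on a WAN interface that carry no reply-to. The rule lines, interface names (em0, em1, em2) and addresses are constructed for illustration; a real rules.debug may refer to interfaces through macros, which this sketch does not expand.

```python
import re

# Constructed sample rules; interfaces and addresses are made up
# (documentation address ranges), not taken from the ticket.
SAMPLE_RULES = """\
# port forwards
rdr on em0 proto tcp from any to 198.51.100.2 port 80 -> 192.168.1.10
rdr pass on em1 proto tcp from any to 203.0.113.2 port 80 -> 192.168.1.11
pass in quick on em0 reply-to (em0 198.51.100.1) inet proto tcp from any to 192.168.1.10 port 80 keep state
pass in quick on em1 inet proto tcp from any to 192.168.1.11 port 443 keep state
pass in quick on em2 inet proto tcp from any to any port 22 keep state
"""

RDR_PASS = re.compile(r"^rdr\s+pass\s+on\s+(\S+)")
PASS_IN = re.compile(r"^pass\s+in\b.*?\bon\s+(\S+)(.*)$")


def audit_rules(text, wan_ifs):
    """Return (line_no, interface, problem) for each suspect rule on a WAN.

    'rdr pass' skips the filter rules, so no reply-to is ever applied to
    the forwarded connection; a pass-in rule without reply-to lets the
    reply follow the default route instead of the WAN it arrived on.
    """
    findings = []
    for no, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if not line or line.startswith("#"):
            continue  # skip blanks and comment lines
        m = RDR_PASS.match(line)
        if m:
            if m.group(1) in wan_ifs:
                findings.append((no, m.group(1), "rdr pass"))
            continue
        m = PASS_IN.match(line)
        if m and m.group(1) in wan_ifs and "reply-to" not in m.group(2):
            findings.append((no, m.group(1), "no reply-to"))
    return findings


if __name__ == "__main__":
    for no, iface, problem in audit_rules(SAMPLE_RULES, {"em0", "em1"}):
        print(f"line {no}: {iface}: {problem}")
```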

Actions #6

Updated by Anonymous about 11 years ago

  • File config.xml added
  • File rules.debug added

Here is my raw config.xml & /tmp/rules.debug

http://m37offroading.ca/PFSENSE/config.xml

http://m37offroading.ca/PFSENSE/rules.debug

I have also uploaded them here. I will get you copies of the failed config.xml and rules.debug by Monday.

Actions #7

Updated by Chris Buechler about 11 years ago

  • File deleted (config.xml)

Actions #8

Updated by Chris Buechler about 11 years ago

  • File deleted (rules.debug)

Actions #9

Updated by Anonymous almost 11 years ago

I have the same problem. Port forwards from a secondary gateway DON'T work. They only work if the default route is the same gateway as the port forward.

Here is a forum link where no one has responded:
http://forum.pfsense.org/index.php/topic,64548.0.html

Actions #10

Updated by Chris Buechler over 8 years ago

  • Target version deleted (2.1)