Bug #969
NAT rdr work only on one interface
Status: closed
Start date: 10/23/2010
% Done: 0%
Affected Version: 2.0
Description
pfSense version:
2.0-BETA4 (i386) built on Fri Oct 22 10:39:54 EDT 2010
FreeBSD totoro.office.p8.ru 8.1-RELEASE-p1 FreeBSD 8.1-RELEASE-p1 #1: Fri Oct 22 10:36:08 EDT 2010 sullrich@FreeBSD_8.0_pfSense_2.0-snaps.pfsense.org:/usr/obj.pfSense/usr/pfSensesrc/src/sys/pfSense_SMP.8 i386
I have 2 WAN connections (WAN, WAN_PROMETEY), configured over VLANs (and 1 LAN connection):
em1_vlan302: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
	options=3<RXCSUM,TXCSUM>
	ether 00:30:48:8b:4f:2d
	inet6 fe80::211:95ff:fe1d:2644%em1_vlan302 prefixlen 64 scopeid 0x8
	inet 212.116.101.94 netmask 0xffffffe0 broadcast 212.116.101.95
	inet 212.116.101.70 netmask 0xffffffff broadcast 212.116.101.70
	inet 212.116.101.71 netmask 0xffffffff broadcast 212.116.101.71
	inet 212.116.101.72 netmask 0xffffffff broadcast 212.116.101.72
	nd6 options=3<PERFORMNUD,ACCEPT_RTADV>
	media: Ethernet autoselect (100baseTX <full-duplex>)
	status: active
	vlan: 302 parent interface: em1
em1_vlan300: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
	options=3<RXCSUM,TXCSUM>
	ether 00:30:48:8b:4f:2d
	inet6 fe80::211:95ff:fe1d:2644%em1_vlan300 prefixlen 64 scopeid 0x9
	inet 77.222.44.10 netmask 0xfffffff0 broadcast 77.222.44.15
	inet 77.222.44.12 netmask 0xffffffff broadcast 77.222.44.12
	inet 77.222.44.8 netmask 0xffffffff broadcast 77.222.44.8
	inet 77.222.44.9 netmask 0xffffffff broadcast 77.222.44.9
	inet 77.222.44.6 netmask 0xffffffff broadcast 77.222.44.6
	inet 77.222.44.5 netmask 0xffffffff broadcast 77.222.44.5
	nd6 options=3<PERFORMNUD,ACCEPT_RTADV>
	media: Ethernet autoselect (100baseTX <full-duplex>)
	status: active
	vlan: 300 parent interface: em1
I have created 2 identical NAT rdr rules for different interfaces:
If | Proto | Src. addr | Src. ports | Dest. addr | Dest. ports | NAT IP | NAT Ports |
WAN | TCP | * | * | 77.222.44.12 | 3333 | Host_mike | 22 (SSH) |
WAN_PROMETEY | TCP | * | * | 212.116.101.72 | 3333 | Host_mike | 22 (SSH) |
But as a result only the second rule works:
$ telnet 77.222.44.12 3333
Trying 77.222.44.12...
telnet: connect to address 77.222.44.12: Operation timed out
telnet: Unable to connect to remote host
$ telnet 212.116.101.72 3333
Trying 212.116.101.72...
Connected to 212.116.101.72.
Escape character is '^]'.
SSH-2.0-OpenSSH_5.5p1 Debian-4ubuntu4
And it has ceased to work after one of the last updates (the rules didn't change for a long time).