pfSense: How To NAT / Port Forward With a Multiple Wan / Fail over setup




About this tutorial:

Video duration: 9:17
Amazon Affiliate Store

Gear we used on Kit

Affiliates that help us out and can get you discounts!

Lawrence Systems Shirts and Swag

PIA Internet Access Affiliates Link

pFsense: How To NAT / Port Forward With a Multiple Wan / Fail over setup

14140 Pennsylvania Southgate MI…

Post Author: OfficeTutes.com

Apple lover, ICT and LEAN consultant, MS Office lecturer My other website with video tutorials - Tutorials, guides and news for iPhones and iPads

22 thoughts on “pfSense: How To NAT / Port Forward With a Multiple Wan / Fail over setup

    Jhartug Tong

    (August 14, 2019 - 3:52 pm)

    Hello sir, i learned a lot from you… can i ask how is your ISP configured to connect pfsense. where they are all bridged using static IP or dynamic or just the normal rout setup. i have 1 static and 1 dynamic and i want both to do port forward. it is my first time doing port forward. any link from your vids would be awesome. than you.

    Murphy deffa

    (August 14, 2019 - 3:52 pm)

    No do same with dual wan load blancing.
    pfsense is broken thing. Dual wan load balance port forfard is impossible. Its deffective.

    Linux Pc4Me

    (August 14, 2019 - 3:52 pm)

    Please explain, i understand your video. But you have only one local network. However when I try to duplicate it on my system it fails. I have a block of public IP's from my internet provider. The first IP is configured as WAN in PfSense. The others have been created as 3 Virtual IP's. I have a Netgate sg-4860 appliance ( WAN +LAN + 4 OPT ports). Each port (LAN, Opt1, Opt2, Opt3, Opt4) has DHCP assigned (162.168.10.1; 10.2; 10.3; 10.4; 10.5). How to I connect a Virtual IP to the local network on OP1 or another Opt port? Thank you

    anothercrappypianist

    (August 14, 2019 - 3:52 pm)

    I really appreciated this video. I'm evaluating pfsense to replace my homebrew Linux router/firewall. I've actually 3 separate WAN interfaces and quite a number of port forwards on these interfaces. For my situation, it's just much too unwieldy to maintain each rule in triplicate for each interface. I see a feature request for supporting interface groups with NAT rules that's 8 years old, so I don't see that going anywhere any time soon. 🙂

    So pfsense isn't for me, and I'm grateful that this video saved me a pile of time. Thanks! (My tone really doesn't come across properly in text, but I really do mean that in a totally not passive aggressive way. :))

    zaineb saadoun

    (August 14, 2019 - 3:52 pm)

    How did you create the networks ?

    Sig SemiAutoArms

    (August 14, 2019 - 3:52 pm)

    I know this is somewhat dated but I am running pfSense 2.4.1 and am trying to setup simple 1:1 NAT. I have failed horribly! Watched every video I could find here and nothing works. Even my son that is a Raytheon network engineer is stumped (although he is not familiar with pfSense). My ISP (Charter Spectrum) has given me a block of 32 IPs, 29 usable. The modems "LAN" uses x.x.x.97. Radio links use x.x.x.99 & x.x.x.100. pfSense box is x.x.x.104 with a netmask of 27 (255.255.255.224). Once I setup the 1:1 NAT, I can access everything on the inside from external but nothing gets out from internal except I can ping anything from the inside. Web browsing internally fails, steaming fails (Netflix), etc. DNS seems to be ok, since when I do the ping from internally, names are resolved to IPs and the RT of the pings are successful. When internal-to-external fails, I can go to System Logs/Firewall and I get the infamous "Default deny rule IPv4 (1000000103)" and/or "Default deny rule IPv4 (1000000104)". I have tried the "Easy Rule" add but it still fails. Acts like the LAN rules are being ignored which is totally bizzare! I even bounce the pfSense state tables after every change.
    I claim to have tried everything and have found a need to double my xanax intake 😉
    Is there a way someone could point me to a video I might have missed or give me some sort of hint what might be the issue? I know how difficult it is trying to visualize such without being there. I am a SW engineer having done communication coding myself (35 years now, yep, an old fart but can learn new tricks!) and thought I had a pretty good knowledge of the intricacies of networking. Hell, I can still translate a wireshark hex dump into binary in my head so I am not too far gone… yet…

    Any help would be greatly appreciated!!!
    Sig

    Shiellou Jabonga

    (August 14, 2019 - 3:52 pm)

    Queston: Can i use failover on two pfsense?. Can you give me a link how to configure this setup sir. Thank you.

    81keyholder

    (August 14, 2019 - 3:52 pm)

    cant port forward to my Cod4 server… any idea why not ? Nothing works at all even on a clean install of pfsense… Pfsense becoming more hassle than its worth,!!

    NewGuy

    (August 14, 2019 - 3:52 pm)

    Ive done what you said in the video but i cant figuire out how to get my half life Sven coop video game server up and running..? What am i doing wrong?

    Running windows 10, hyper v with pfsense installed then installing the game on the windows 10 where the hyper v is installed. 1 WAN 1 LAN

    Adam Shrum

    (August 14, 2019 - 3:52 pm)

    Is there more configuration that needs to be done under Firewall > Virtual IPs to get the static ip's to resolve when one network fails? I setup an IP Alias for each Static IP on the failover block with WAN2 for the interface, but when I unplug the main network these ip's won't resolve.

    V W

    (August 14, 2019 - 3:52 pm)

    Your volumes soooo low

    Joey L.

    (August 14, 2019 - 3:52 pm)

    Awesome. I've subscribed to your channel. I'd love to see more pfsense videos, if you feel so inclined.

    cbutters Tech

    (August 14, 2019 - 3:52 pm)

    Thank you! I'm loving your videos and your way of explaining things. You have a way of making it easy to understand all the concepts of what you are working with, even when things aren't straightforward. Great work.

    TKO _

    (August 14, 2019 - 3:52 pm)

    So I am trying to set up a public gameing server for games like space engineer, minecraft, and any thing else but I don't want to have the problems of people hacking into my ip address could you do a video on this

    Earnest Redwood

    (August 14, 2019 - 3:52 pm)

    ok let me give that a go and I will get back to you.

    Earnest Redwood

    (August 14, 2019 - 3:52 pm)

    just tell me what you need and I change every thing when get this. if I need to email you anything just let me know..

    Earnest Redwood

    (August 14, 2019 - 3:52 pm)

    Would like me to email that to you, it’s cable modem plug in a hp computer that I am using for my pfsense box that is going to a netgear wireless router form there I have a cisco 16 port switch that I have the to server plugged into. Before I use pfsense it was just the cable modem , netgear wifi router. R600. From there and for there cisco switch then server 1, and server 2 I could ssh in to both of them.

    Earnest Redwood

    (August 14, 2019 - 3:52 pm)

    Ok let me start with this: I use Spectrum for my ISP, I have a netgear wireless bow connected to it. Before I set up this pfsense box. I could port forward into my netgear wireless router, ssh in to any of my computer that I setup. This is all I want do. But this is the hardest setup I have ever encountered. I tried what you show in the video and I still cant get to my computers.

    Philip Dijkstra

    (August 14, 2019 - 3:52 pm)

    I have a zbox ci323 running pfsense to have a cpu that can encrypt and decrypt my 150mbit traffic fast enough through my vpn provider. Then Netflix started blocking vpn connections and my kids watch a lot of netflix so i had to find a way to only route specific clients through vpn. I combined several guides and a week of trying but it has now been running perfectly for 8 months. I think more people will have this usecase but there isn't a good guide/video on the subject. It would be great if you made that video. I can provide the info i used to set it all up and share my pfsense config.

    Karl Venus

    (August 14, 2019 - 3:52 pm)

    Can I use virtualbox for practice in MAC? thanks

    TheRangeControl

    (August 14, 2019 - 3:52 pm)

    what should I look at for installing SSDs into a PFSense box?

    I am told that SSDs often fail with PFSense due to the number of writes.

    please do a tutorial.

    rendy gunardi

    (August 14, 2019 - 3:52 pm)

    Hi can you make tutorial about "how to setup dnscrypt on pfsense"

Leave a Reply

Your email address will not be published. Required fields are marked *