I have a network as in the diagram below:

On SITE A, the pfSense firewall server exposes a public port for a virtual server (example: port X). The virtual server has 2 pools:

  1. Pool 1: point to A_Srv_01
  2. Pool 2 (Fall-back Pool): point to A_Srv_02

The virtual server listens on the WAN IP (call it A_Public_IP_Port_X).

A NAT rule was created to NAT port X to servers A_Srv_01 and A_Srv_02 (using an Alias).

My problem:

  • Internet_Client access to A_Public_IP_Port_X is OK
  • B_CLIENT access to A_Public_IP_Port_X is OK
  • A_CLIENT access to A_Public_IP_Port_X is NOT OK
  • If server A_Srv_01 runs as a standalone server (not using Virtual Server), everything is OK, so I think NAT reflection is not a problem.

Maybe I have some problem with routing from: A_CLIENT <--> A_Public_IP_Port_X <--> Pool (A_Srv_01 / A_Srv_02)?

NothingCtrl

1 Answer

Found it; maybe this will help someone.

In Firewall / NAT / Outbound:

  • Change Outbound NAT mode to Hybrid Outbound NAT rule generation. (Automatic Outbound NAT + rules below)
  • Add Mappings rules:

    Interface / Source / Source Port / Destination / Destination Port / NAT Address / NAT Port
    LAN / any / * / A_Srv_01_LAN_IP/32 / port_X / LAN address / *
    LAN / any / * / A_Srv_02_LAN_IP/32 / port_X / LAN address / *
    
NothingCtrl
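
Added example (not part of the original question or answer): a small Python model of why the LAN outbound NAT mapping makes A_CLIENT work, and what the servers then see as the client address. It assumes A_CLIENT is on the same LAN subnet as the pool servers (the diagram is not available); all addresses, the port number and the function names are constructed for illustration.

```python
from ipaddress import ip_address, ip_network

# Constructed sample addressing; none of these values come from the post.
LAN_NET = ip_network("192.168.1.0/24")
ANY = ip_network("0.0.0.0/0")
FW_LAN = ip_address("192.168.1.1")      # pfSense "LAN address"
WAN_IP = ip_address("203.0.113.10")     # A_Public_IP
A_SRV_01 = ip_address("192.168.1.10")   # pool member
A_CLIENT = ip_address("192.168.1.50")   # assumed: same subnet as the pool
B_CLIENT = ip_address("198.51.100.7")   # reaches SITE A from outside the LAN
PORT_X = 8443


def simulate(client, nat_sources=None):
    """Model one connection to A_Public_IP_Port_X.

    nat_sources is the Source of the LAN outbound NAT mapping (None = no
    mapping). Returns (source IP the server sees, reply source the client sees).
    """
    public = (WAN_IP, PORT_X)
    seen_by_server = client
    # The virtual server has already rewritten the destination to A_SRV_01.
    # Outbound NAT on LAN then rewrites the source to the LAN address.
    if nat_sources is not None and client in nat_sources:
        seen_by_server = FW_LAN
    # The server answers the source it saw. An on-link host is reached
    # directly, so the firewall never restores the public IP on the reply.
    if seen_by_server in LAN_NET and seen_by_server != FW_LAN:
        return seen_by_server, (A_SRV_01, PORT_X)
    # Otherwise the reply crosses the firewall, whose state table undoes
    # both translations before the client sees it.
    return seen_by_server, public


def client_accepts(client, nat_sources=None):
    """The client only accepts a reply from the address it connected to."""
    return simulate(client, nat_sources)[1] == (WAN_IP, PORT_X)


if __name__ == "__main__":
    for name, ip in (("A_CLIENT", A_CLIENT), ("B_CLIENT", B_CLIENT)):
        for label, src in (("no mapping", None), ("Source any", ANY)):
            print(name, label, "OK" if client_accepts(ip, src) else "NOT OK")
```

In this model, a mapping with Source any also makes the servers see off-LAN clients as the LAN address, so server-side logs and IP-based rules lose the real client address; limiting Source to the LAN subnet keeps it for those clients.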