Troubleshooting 1:1 NAT

If 1:1 NAT (or even Outbound NAT) is properly configured, but the system still appears to access sites like https://www.pfsense.org/ip and https://ifconfig.me/ from the main WAN IP Address on the firewall, then something may be proxying or redirecting those requests.

With a proxy involved, even though 1:1 NAT is in place, web requests can still be proxied, and thus originate from the proxy.

To verify the 1:1 mapping is working properly in an environment where web requests are proxied, find a different method to verify, such as:

• Login to a remote system and watch the firewall logs or packet capture.

• Initiate some traffic from the system and verify the traffic is originating from the proper IP Address by checking the states or a packet capture.

• Access an HTTPS site that does not flow through the proxy.