NAT to NAT with RRAS - routing between 2 NATted subnets?


  • I can't post pictures or links of my diagram (because I'm not verified apparently) so I uploaded it to imgur:

    WAN IP: Internet
    LAN IP:
    LAN Subnet and DHCP at:

    Windows RRAS Router:
    WAN IP:
    LAN IP:
    LAN Subnet and DHCP at:
    NAT on WAN to allow internet to LAN clients.

    I'm aware using 24.x.x.x is suboptimal and I will change that.

    I'm trying to figure out how to configure RRAS in order to allow my PfSense router to access a downstream routed network.

    The Windows RRAS router is connected to a port on the PfSense router. I can ping Windows RRAS router on the WAN IP from PfSense router (from to

    I can also ping between clients and I can ping from clients 24.0.0.x to PfSense Router

    I set up a static route in PfSense router on its LAN interface to route traffic through (as a gateway).

    When attempting ping from to any 24.0.0.x (including Windows RRAS LAN IP), Wireshark on is showing that ICMP packets are inbound on the WAN interface, however it is showing (no response found!) at the end, and RRAS is showing an increase in count of the Inbound Packets Rejected. No ping response is shown on

    Any help would be greatly appreciated! I'm assuming the problem lies in RRAS configuration because the packets reach RRAS but are not routed properly - they are rejected.

    Firewalls are off everywhere.

    Thank you very much for your help
    Friday, May 4, 2018 12:49 AM

All replies