Many years ago, on bsdforums.org, I helped somebody, who had the same problem as you. He thought that his Internet cafe had a fixed IP while it was not. When he restarted the pf router/firewall everything worked again for a few hours.
Because your external IP is fixed, that cannot be the problem
What is the use of these rules?:
Code:
SERVER = "10.10.10.200"
NAT1 = "10.10.10.194"
NAT2 = "10.10.10.195"
[snip]
NAT23 = "10.10.10.217"
NAT24 = "10.10.10.218"
NAT25 = "10.10.10.219"
nat pass on $ext_if from $paltalk1 to any -> $NAT1
nat pass on $ext_if from $paltalk2 to any -> $NAT2
nat pass on $ext_if from $paltalk3 to any -> $NAT3
nat pass on $ext_if from $webdsgn1 to any -> $NAT4
[snip]
nat pass on $ext_if from $webdsgn8 to any -> $NAT11
nat pass on $ext_if from $rased1 to any -> $NAT12
nat pass on $ext_if from $rased2 to any -> $NAT13
[snip]
nat pass on $ext_if from $rased7 to any -> $NAT18
nat pass on $ext_if from $rased8 to any -> $NAT19
nat pass on $ext_if from $admin1 to any -> $NAT20
nat pass on $ext_if from $admin2 to any -> $NAT21
The "paltalk", "webdsgn", "rased" and "admin" hosts/groups are all on the 192.168.0.0/24 network.
As far as I understand you have the following setup
Code:
|
|
|
------------|------------
10.10.10.192/27
external
FreeBSD pf firewall
internal
192.168.168.0.1/24
------------|------------
|
|
|
Why do you have to NAT for each host individually?
You can do it with one single statement
:
Code:
# --- NAT
nat on $ext_if from !$ext_if