I have managed to find a strange one. I have a PF box set up with four nic cards.
bce0 WAN 20x.1xx.1xx.1xx /26
bce1 LAN 10.0.32.0/22
igb0 DMZ 10.10.10.0/24
igb1 not assigned reserver for second isp
I have a 1:1 NAT set up on a web server on the DMZ interface. The virtual IP is on the WAN interface. Lets call the server address 123.123.123.123 WAN to 10.10.10.10 LAN I have access rules on both the WAN and DMZ side allowing traffic to pass to the server.
If i put the web server back on my LAN interface it can access it from outside of my LAN.
So, as of right now with the server on the DMZ interface (10.10.10.0/24 network), if i type in the virtual WAN IP 123.123.123.123 in a web browser from inside the LAN it works. If i do that outside of the LAN it does not. unless i move the server back to the LAN interface and put it on the 10.0.32.0/22...