@ralftar Thank you very much. This works for me!

i gave up on the PIA port forwarding, but still can not forward utorrent using nat rules for in and out in pfsense. Would enabling UPNP fix this problem with utorrent, and would it effect my plex port forwarding which is working fine in pfsense?

@grewterd said in EchoLink: Then they told me I will lose my unlimited data and have to pay $50 extra a month if I used my own modem. What? The fee if you go over their cap is 50 I think. But you understand your paying them X $ a month now for whatever device they gave you..a They only do that cap in certain states, and for the last fee months been completely suspended - to be honest they going to have hard time justifying putting it back.. Other then just a easy money grab.. I was comcast for years, always used my own modem.. Now on wowway - use my own.. They pay for themselves in a like a year tops.. Depending on how much their nonsense rental fee is.. And how much you spend on your modem. But $80 could be seen typical for a modem. At $10 a month rental fee, after month 8 your gravy..

Which version of pfSense is this? Does it happen if you setup a fresh install of pfSense (perhaps in a test VM?)

Well to answer my own Q' It worked , portforwarding 8443 to 443 , and use the WAN ip address as the NAT ip address. As i accessed the "site" via https://x.x.x.x:8443 , i got hit by a: HTTP_REFERER Error (and a RED Screen , leaving me "dead there") , after authenticating on the login page. Luckily i could still access the GUI via L2L VPN , but you might want think about that issue, to not be locked out. I had to add x.x.x.x to System -> Advanced -> Admin access -> Alternate Hostnames As i did not want to disable : Browser HTTP_REFERER enforcement /Bingo

@KrazeyKami how did you get it to work?

I would agree that understanding what is configured and how it works and functions is yeah a big plus in knowing if you should enable whatever or not, and or if you need it or not, etc. ;)

@CyberMinion said in Enabling a second LAN interface - can't connect: I suppose because there wasn't enough IP Exact. If the possible pool size is zero - an /32 implies zero - then pfSense doesn't bother launching a DHCP server on the interface. It wouldn't work anyway. The visual GUI effect is : no GUI 'tab'.

Check your firewall rules and make sure the traffic isn't hitting a rule with a gateway set. If so, make a new rule above it to pass to the VPN destination(s) without a gateway set.

If you translate the source IP in packets to the WAN IP, responses from the destination device are sent back to WAN IP. That's evident. You may try to activate NAT reflection + proxy in the port forwarding rule on WAN to achieve your goal.

I was able to be removed from cgnat at no cost, so went that way :)

Did you run Manual Outbound NAT before your added the new OPT interface? In manual mode you need to care about the outbound NAT yourself. However, switching to automatic and back to manual will also create the rules for all Interfaces. Personally I like to have Hybrid Outbound NAT. -Rico

Well if your NAS is multihomed and not pointing to pfsense as its default gateway - then yeah going to be a problem connecting to it from a network it has no idea how to get back to.

@edwardnizz said in Plex - Cannot achieve remote access. Not even through port forwarding.: Wow Nice people here.. Indeed. You should readLink Text this.

@red_cat1930 said in Port forward from LAN to WAN with failover: oundrobindns.txt –start-- X.X.X.X anyhost.anydomain Y.Y.Y.Y anyhost.anydomain --end-- 2. add addn-hosts=/roundrobindns.txt to DN One simple way to do it now is just to 1:1 NAT Mappings your WAN to your Failover. So go to Firewall / NAT / 1:1 and add an entry for your Failover interface, with the Failover IP as the External IP and the internal IP being the regular WAN IP Sorry... this is the best SEO for this subject.

@Gertjan When you connect to your FTP server on the same LAN as your device (PC), have this FTP client using Active mode (?). : active mode in LAN just works fine, but can not login through passive mode. second ftp server to accept only LAN connections through 2121 is seems like good idea, let me work on that.