• NAT rule with port translation

    0 Votes
    3 Posts
    1k Views

    Thank you

    Renato

  • Port 25 Outbounds

    0 Votes
    9 Posts
    2k Views

    Thanks for your help guys! Actually, Centurylink does block port 25, on home and business lines. If you have leased static IP, and we do, you can go into the IP tool manager and open port 25. Just did that and all is good! Here's the link: http://internethelp.centurylink.com/internethelp/email-troubleshooting-port25.html

    I removed those two outbound rules in pfSense.

  • Need to create a NAT rule for PLEX streaming

    0 Votes
    15 Posts
    9k Views
    johnpoz

    For starters are you behind a NAT? Did you read the port forwarding troubleshooting guide? Did you go through the steps there?

    https://doc.pfsense.org/index.php/Port_Forward_Troubleshooting

    Does your ISP even allow inbound traffic to 80 or 443.. Many of them may block this because you're not allowed to run servers on their service - check with your ISP. Per the troubleshooting guide.. Sniff on your WAN in pfSense packet capture, go to canyouseeme.org and generate traffic - do you see it in your sniff.. If not then you're behind a NAT that is not forwarding to you, or your ISP is blocking, etc.

  • TFTP client behind pfSense: Does not work

    0 Votes
    2 Posts
    2k Views
    -flo-

    Ok, after writing this long post I tried to disable the tftp proxy. Don't know why I didn't do this in the first place. However now this works.

    Still I don't understand why the tftp proxy intercepts the udp traffic. Is this the right behavior? And is there a defect in the tftp proxy? If it is there it should be working, right?

    -flo-

  • Access internal Owncloud Server from LAN and WAN with the same address

    0 Votes
    12 Posts
    6k Views
    johnpoz

    True your forward needs to be to your actual server running owncloud not a network.

  • Generating NAT rules from the command line

    0 Votes
    10 Posts
    4k Views

    Sorry for the slow response.  I've been meaning to post a followup for a while…

    Because of the way pfSense stores rules in XML, scripting this would involve parsing out tags and generating matching NAT/PASS rules. I concluded that the right way to do this is by enhancing easyrule to support generating NAT rules, which I don't think would be too difficult.

    It turned out to be unnecessary in my case, though.  I found out that HTcondor has a feature called "connection broker" that allows nodes to communicate with the scheduler from behind NAT just by switching it on and specifying the address of the scheduler.  It eliminates the need for the scheduler to connect to other nodes and instead routes all traffic through a connection initiated from the node to the scheduler (which I think is how it should have been done in the first place, but better late than never).  Hence, as long as the scheduler isn't behind NAT, there's no need for port forwarding.

    Regards,

    Jason

  • 0 Votes
    3 Posts
    734 Views

    Openvpn? Give the openvpn client non-routable ip and 1:1 on that ? At least it should work in theory.

  • 2.2 passive FTP

    0 Votes
    9 Posts
    2k Views

    @johnpoz:

    So you're trying to ftp working with telnet?

    "telnet ftp-server 21"

    Good catch didn't see that, usually the simplest answer is the correct one. Unless he just made a typo.

  • Problem with internet access via pfsense router

    0 Votes
    4 Posts
    956 Views

    Ok, so what happens if you just type 'nslookup www.google.com', leaving out the '8.8.8.8'? Do you still get a reply? If not, then the problem is that your client doesn't have a valid DNS server defined in its network config. If you do get a positive reply, then the issue is probably with the browser you're using - aka: it will have a proxy server set in the browser config which doesn't exist, or something like that.

  • 21 FTP problem

    0 Votes
    3 Posts
    1k Views
    johnpoz

    Tells you right in your error

    Response:  227 Entering Passive Mode (192,168,1,12,26,8).
    Status:  Server sent passive reply with unroutable address. Using server address instead.

    Before the helper/proxy used to change that IP to the public - now there is no helper/proxy your ftp server has to send the actual public IP. Read the doc dok linked to.

  • [SOLVED] NAT doesn't work in proxmox environment

    0 Votes
    3 Posts
    942 Views

    I changed the processor type from kvm64 to qemu64

  • [Solved] Multiple subnet on WAN Interface, single GW, natting

    0 Votes
    7 Posts
    2k Views

    @dotdash:

    Try creating an alias on the WAN like 10.215.221.1/25, then create CARP VIPs for 10.215.221.2,3,4,etc. Then use the CARP VIPs for 1-1s or port forwards. You should also be able to use 'Other' VIPs, but CARP type are more flexible.

    Great, it works perfectly, even if I don't create the alias on the WAN, just with the CARP VIPs.

    Thank you!

  • Daisy chain: pfsense/squid + pfsense/multi-wan

    0 Votes
    1 Posts
    825 Views
    No one has replied
  • Inbound SIP randomizing

    0 Votes
    4 Posts
    841 Views

    I still see incoming ports randomizing.

    Anyone have any more ideas?

  • 1:1 NAT but limit inbound only from a list of IP addresses

    0 Votes
    1 Posts
    618 Views
    No one has replied
  • Double NAT

    0 Votes
    27 Posts
    6k Views

    I think I know what the problem is, .. however I'm not sure how to solve this

    from what I gather

    tcp:

    SYN =>
    <= SYN ACK
    ACK =>
    connection established

    however, ..

    WAN2 is a secondary gateway while WAN1 is the default gateway, .. traffic is coming in through WAN2, however since the WAN1 is the default gateway of the client, it responds through WAN1, connection failed.

    Exactly like johnpoz said earlier.

    edit:

    yes, if I change the route for that specific IP I can connect to the tcp, however now my question is how can I make a dynamic route so that when I connect to it that traffic goes through the correct gateway. And that's why UDP works. It all makes sense now.

    can this be solved with a routing daemon?

  • NAT Port forwarding changes not taking effect

    0 Votes
    1 Posts
    661 Views
    No one has replied
  • 2.2 Outbound NAT Issue

    0 Votes
    2 Posts
    667 Views
    johnpoz

    "as I am unable to NAT outbound traffic on WAN 1 to a WAN 2 IP"

    How would that have ever worked??  Makes no sense that would work.

  • 0 Votes
    1 Posts
    531 Views
    No one has replied
  • ESXi, OVH, and 1:1 NAT problems

    0 Votes
    4 Posts
    3k Views

    Thank you! You made my day.
    I was looking for this answer for a couple of weeks!

Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.