Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Port forwarding to Docker server

    Scheduled Pinned Locked Moved General pfSense Questions
    20 Posts 3 Posters 3.0k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • V
      viragomann @dridhas
      last edited by

      @dridhas
      The destination has to be "WAN address". This is the IP you are accessing from outside. Only the source cannot be WAN address.

      D 1 Reply Last reply Reply Quote 0
      • D
        dridhas @viragomann
        last edited by

        @viragomann got that updated and still cant access the server from outside... ๐Ÿ˜ž

        V 1 Reply Last reply Reply Quote 0
        • V
          viragomann @dridhas
          last edited by

          @dridhas
          And what do you get now?

          Is there any state or traffic shown at the associated rule in Firewall > Rules > WAN?

          D 1 Reply Last reply Reply Quote 0
          • D
            dridhas @viragomann
            last edited by

            @viragomann this is what ive got:

            c2f03070-3143-410d-819d-19d3bc6b6ee3-image.png

            V 1 Reply Last reply Reply Quote 0
            • V
              viragomann @dridhas
              last edited by

              @dridhas
              So it shows some traffic already.

              Are the gateway settings correct on the destination device?

              To investigate take a packet capture (in Diagnostic menu) on the internal interface facing to the destination device. Specify the port 4443 for filtering. Start the capture and try an access from outside.

              If you network settings are correct you should see request and response packets. Post what you get, please.

              D 1 Reply Last reply Reply Quote 0
              • D
                dridhas @viragomann
                last edited by

                @viragomann i dont see any packets being captured, it shows blank 48665b11-c12c-4ff5-97f9-6a04fe408b7e-image.png

                V johnpozJ 2 Replies Last reply Reply Quote 0
                • V
                  viragomann @dridhas
                  last edited by

                  @dridhas
                  Dude, you NAT rule is wrong again!
                  The source port has to be "any", as well as the source IP!
                  The destination is "WAN address", destination port "443"!
                  At redirect target port you can enter your internal destination port, which might be 4443.

                  1 Reply Last reply Reply Quote 0
                  • johnpozJ
                    johnpoz LAYER 8 Global Moderator @dridhas
                    last edited by johnpoz

                    @dridhas Here is example port forward to different port external to what the port this is sent to the server port.. With the associated firewall rule.

                    Just where mine is locked down to a specific pfblocker alias - yours should be any.

                    rules.jpg

                    An intelligent man is sometimes forced to be drunk to spend time with his fools
                    If you get confused: Listen to the Music Play
                    Please don't Chat/PM me for help, unless mod related
                    SG-4860 24.11 | Lab VMs 2.7.2, 24.11

                    D 1 Reply Last reply Reply Quote 0
                    • D
                      dridhas @johnpoz
                      last edited by

                      @johnpoz @viragomann sooooo... i got frustrated and decided to nuke pfsense and start fresh.
                      now, a few minutes after and following the advice provided above, i got able to do the port forwarding successfully. ๐Ÿ˜ƒ

                      i can now access my docker server from outside my network. ๐Ÿพ

                      now its turn for the internal access, but first, i need to reconfigure the wifi... ๐Ÿ˜ƒ

                      this is how the WAN rules look so far:
                      50392387-a2d4-4d16-89ec-f9b8da451498-image.png

                      and as you can see, there is more traffic now flowing thru. ๐Ÿ˜ƒ

                      johnpozJ 1 Reply Last reply Reply Quote 0
                      • johnpozJ
                        johnpoz LAYER 8 Global Moderator @dridhas
                        last edited by

                        @dridhas said in Port forwarding to Docker server:

                        now its turn for the internal access

                        huh? Why would you do that?

                        An intelligent man is sometimes forced to be drunk to spend time with his fools
                        If you get confused: Listen to the Music Play
                        Please don't Chat/PM me for help, unless mod related
                        SG-4860 24.11 | Lab VMs 2.7.2, 24.11

                        D 2 Replies Last reply Reply Quote 0
                        • D
                          dridhas @johnpoz
                          last edited by

                          @johnpoz i started the pfsense project a couple of days ago when i upgraded the home network, i didnt have much configs to worry about.
                          now that i have this setup and running correctly, i can create a backup just in the event i need to nuke it once again... ๐Ÿ˜ƒ

                          1 Reply Last reply Reply Quote 0
                          • D
                            dridhas @johnpoz
                            last edited by

                            @johnpoz so, after a hiccup, somehow i forgot to assign static dhcp address to the server and the access to docker server stopped working.
                            Once the DHCP static ip was set, everything went back to normal.. ๐Ÿ˜ƒ

                            1 Reply Last reply Reply Quote 0
                            • First post
                              Last post
                            Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.