Pfsense as lan router and port forwarding problems?
-
This post is deleted! -
@steveits I'm so dumb right now. I'm srry you said protocol ICMP. That is myfault there. I'm changing it now. Thank you
Joseph
-
Just an update. Thank you all for the information and help. This is a great community I got it all blocked now. however I need to figure out how to block not only 10.0.0.1 but all the addresses. I just tried to ping 10.0.0.34 which my laptop is on and I was able to ping that as well. Is there a way to stop all the addresses in that range?
Edit: I did mange to figure that out I changed Destination to network and the address 10.0.0.1 and it blocked everything on that.
Joseph
-
The destination should really be 10.0.0.0/24 there like:
-
@josephchrzempiec said in Pfsense as lan router and port forwarding problems?:
The support lady said Well I don't see a way to put it in bridge mode. and the option is not in the modem/router.
You can't always believe them. Post the model and maybe someone here can help you.
-
@jknott they already got a new isp device, and they have a block of 5 public IPs
@josephchrzempiec said in Pfsense as lan router and port forwarding problems?:
Hello, I got my new modem/router in today. Wow that was fast. Found out they have a small office 5 minutes from me and I never known it, So I picked it up there. I was able to get it up and running. I also found out I not only got one Static ip address but I have block of 5. I totally forgot I paid for it.
So I assigned a static ip to the pfsense router and it works.But yeah I agree with your overall advice - quite possible that the 1st level support person when you call just doesn't have a clue ;) Never hurts to post exact model, etc. as there might well be a way to put in bridge mode that the support was just not aware of.
-
Hello everyone, I'm very sorry for the late reply my depressed kicked in and for a long time I was useless to everything. I needed to get my head back in check. Even on this problem. I don't have any new news to report. But Soon I need to figure this out. My isp router still the same and my pfsense router is still the same. My problem s that I need to portward through the pfsense router to my isp router. I haven't found a way to to do that yet. I need to contact my isp to figure there side of there modem/router. and how I can bridge things.
They did offer me to do static ip addresses so I can run it as my own and the cost is $24 dollars a month. I'm not sure that is a cost I can really afford. However it might be the only way to fixing this problem. and Still lettings me to run the Pfsense router as a fulll standalone router without having to deal with my isp router part. I need to think if I should go that way or have more to deal with trying to bridge these two together Thank you all for the help and information. I have tried everything everyone said to try and I still couldn't get it to portforward. I will update this post in a day or two after the weekend is over.
-
@josephchrzempiec said in Pfsense as lan router and port forwarding problems?:
My isp router still the same
Which is what exactly - you never stated this.
My problem s that I need to portward through the pfsense router to my isp router.
No your isp router would be in front of pfsense - and you would need to forward port to pfsense wan, so it can forward to your clients behind pfsense.
-
Yes the manufacturers sometimes label these things differently. Might be pass through, might be bridge mode, or might be 'dmz'.
Do not, under any circumstances, let the ISP charge you extra for this. ...unless...
Now, they may block incoming (from the www...to a personal/home level service account) port 80, 443, 25, etc... The only way around that is to use a commercial account which they will charge you more for, and cut your speed in half...because they can.So back to the trouble at hand.
ISP > pfsense > webserver
This isn't rocket science. Push all the traffic through to pfsense somehow...bridge/passthrough/dmz.
Firewall rule into pfsense to forward correct traffic to the webserver.
Probably dynamic dns...or just memorize your public IP each time it changes.I have troubleshot the hell out of something already working before... so the part ~some~ people forget -- YOU...from INSIDE your network...will probably have issues getting to the public ip website because of routing/firewall rules. Separate set of rules for that. Quick sanity check after you get the above set up correctly - turn off the wifi on your phone, and try to get to the page. If it loads you're golden. Chances are the first try your desktop/laptop etc on the internal wifi will not work...need a few extra rules for that put in.
*also...make sure you're not making an internal webpage at home that functions as an unintentional honeypot ... just saying ... people will get in. It isn't pfsense's fault...99.99% of home webservers shouldn't be connected to the interwebs.
-
Hello, I have ATT fiber. I thought I said that before. I looked back and I didn't said it. That is my fault and I'm sorry. It is a modem/router. I talked to a T1 tech support and they told me there is no bridge mode. If I wanted to use a second router I would need a second Static ip address.
Crazy thing is They said I have a stack of 5 static ip addresses it was a special when I got my connection and I never known that. I might of ordered it but I forgot. And I have been paying for it all this time. Funny Huh lol
So now I can run the pfsense router as it's own standalone router. That is the good news I have been waiting for. Sense the payment for the connection comes from my credit card it is automatically I don't see a Bill. And If I login to my accout it doesn't say nothing about static ip address. That is because they said it was never setup.
-
You might have the AT&T homegateway device that requires shenanigans to get a true 'modem' mode. What's the actual model number?
