Netgate Discussion Forum

    Port Forward 'Any' Ports - Gotchas?

      Matt_Sharpe

      Hi Guys,

      We create port forward rules from public IP to LAN IP for 'any' port range on TCP. Is there anything missing to get this working if we have the firewall rules created under 'WAN' section to allow?

      Did this earlier and the firewalls had internet access, ICMP traffic was flowing, but the ports, and SSH specifically, were not connecting even though all firewall rules dictated they should...

        SteveITS Galactic Empire @Matt_Sharpe

        @matt_sharpe NAT rules will automatically create a firewall rule for you unless you tell it not to when creating the rule. You should not need to add any rules on WAN unless you want your firewall to be accessible from the Internet.

        I can't say I've tried forwarding all ports in a NAT rule, though I don't know of a reason it won't work. I have used 1:1 NAT to do that though.

        Ensure the firewall on the device on LAN allows connections from outside its local subnet.

        Pre-2.7.2/23.09: Only install packages for your version, or risk breaking it. Select your branch in System/Update/Update Settings.
        When upgrading, allow 10-15 minutes to restart, or more depending on packages and device speed.
        Upvote 👍 helpful posts!

        Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.