How do I open multiple ports?
-
Hello
I'm trying to set up the firewall on my ESXi server, but I'm unsure about how I open multiple ports..
I've got a Linux VM running on 192.168.1.102 on which I would like to open the port range 51515-61234.
I'm new at using pfSense and don't know much about network/firewall, so I could really use a little help..
Think I know how I open single ports (SSH, FTP, HTTP etc. is working): adding a NAT rule with Filter rule association looks to work..
But when I need to port forward a whole range, I'm unsure about what port I should use as the Redirect target port?
If anyone could provide a screenshot of how it is supposed to look with multiple ports, that would be great..
Thank you..
-
You would do a range just like you would do a single port really - you would just call out the ending port.. See attached.
My question would be what would be listening on such a large range? Are you running a passive ftp server that could have like 10k connections at the same time?
-
Thank you for the reply..
hmm.. Sounds like I was doing it correctly..
https://imgur.com/a/Hhgbf
The program that needs the ports is just still saying port closed..
What command can I use to check if the port is actually open on my Ubuntu VM??
-
Are the rules in the correct order? By default all incoming is blocked on WAN. And the rules are applied top down, first match. If the packets are hitting the rule which says block all traffic, they would never get to the rule that you created. So the port forward rule should be in the correct order.
I have a similar issue with my Plex server. It keeps saying the port is closed but in reality it's open, as I am able to access it externally. Maybe there is a bug or something. Even if your program says it's closed, you should still try to access it externally, provided everything is in place. Just a thought.
-
Yeah, you need to see what rules are on your WAN. If you had some other rule above your NAT-created rule that would block, then it would be blocked.
Also again what specific service are you trying to use that needs all those ports open? That it would be listening on all of those ports both tcp and udp makes ZERO sense. What exactly are you trying to access?
And keep in mind there is an ESXi firewall as well, so if you're trying to hit something on a VM? There could also be the firewall on the VM, etc..
You should walk through the troubleshooting guide to find out where the problem is.
https://doc.pfsense.org/index.php/Port_Forward_Troubleshooting
-
Thank you both of you..
I found the error..
The program's web-ui did not write my custom port range in the config file, so every time I restarted the program it would reset..
Edited the config file using SSH and the program is now showing the ports as open.
johnpoz I will look into limiting the range and try to figure out if I only need TCP or both..
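
An added example, not part of the thread: one way to answer "what is actually listening in the forwarded range, and on which protocol" from the Ubuntu VM itself, so the forward can be narrowed to the ports and protocol really in use. It parses `ss -Htuln` output; the sample lines are constructed, and the function names are made up for this example.

```shell
#!/bin/sh
# Added example: find listening sockets inside a forwarded port range.

# listeners_in_range LOW HIGH
# Reads `ss -Htuln` output on stdin and prints "proto port" for every
# listening socket whose local port lies in [LOW, HIGH], de-duplicated.
listeners_in_range() {
    awk -v lo="$1" -v hi="$2" '
        {
            n = split($5, parts, ":")   # $5 = Local Address:Port
            port = parts[n]             # last piece also works for [::]:port
            if (port ~ /^[0-9]+$/ && port+0 >= lo+0 && port+0 <= hi+0)
                print $1, port
        }' | sort -u -k1,1 -k2,2n
}

# suggest_range
# Reads "proto port" lines and prints the tightest "proto min-max" span per
# protocol, i.e. the smallest range a port forward would need to cover.
suggest_range() {
    awk '{
            if (!($1 in min) || $2+0 < min[$1]) min[$1] = $2+0
            if (!($1 in max) || $2+0 > max[$1]) max[$1] = $2+0
         }
         END { for (p in min) print p, min[p] "-" max[p] }' | sort
}

# Constructed sample in `ss -Htuln` column layout (not real output).
SAMPLE='tcp LISTEN 0 128 0.0.0.0:22    0.0.0.0:*
tcp LISTEN 0 128 0.0.0.0:51515 0.0.0.0:*
tcp LISTEN 0 128 [::]:51515    [::]:*
tcp LISTEN 0 128 0.0.0.0:51600 0.0.0.0:*
udp UNCONN 0 0   0.0.0.0:61300 0.0.0.0:*'

# Range from the original question.
LOW=51515
HIGH=61234

if [ "${1:-}" = "--live" ]; then
    # On the VM: inspect the real socket table.
    ss -Htuln | listeners_in_range "$LOW" "$HIGH" | suggest_range
else
    printf '%s\n' "$SAMPLE" | listeners_in_range "$LOW" "$HIGH" | suggest_range
fi
```

A listener showing up here only proves the service is bound on the VM; the pfSense WAN rule order, the ESXi firewall and the VM's own firewall mentioned above still have to pass the traffic.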