Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Portforwarding SSH/HTTP on BETA4 not working (for me, at least)

    Scheduled Pinned Locked Moved
    NAT
    2
    4
    2.4k
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • D
      darrendavid
      last edited by

      hey all-

      quick one here. Simply trying to portforward ssh and http from my soekris running pfsense to an internal server. i want to map my.wan.ip:2222 -> 10.0.1.10:22 and my.wan.ip:8001 -> 10.0.1.10:80

      here's what i have configured (using only ssh as an example):

      Firewall > NAT > PortForward
      –---------------------------------------
      interface: WAN
      Proto: TCP
      Ext. port range: 2222
      NAT IP: 10.0.1.10
      Int. port range: 22

      i checked the box to create the default rule in Firewall/Rules, and haven't touched it.

      I follwed the same procedure for http as well, and haven't had any luck getting packets to flow inward. i'm hoping i just missed something simple here. thoughts?

      thanks so much,
      darren david

      1 Reply Last reply Reply Quote 0
      • H
        hoba
        last edited by

        Do you see blocks for connectionrequest of this kind in status>system, firewall? In case your WAN IP is in a private range the "block private IPs at WAN" rule could block your traffic (you can disable this at interfaces>wan at the bottom).

        Also are you trying this from outside or are you trying to use natreflection? natreflection is usually turned off by default but you can turn it on at system>advaned (also at the bottom).

        Another thing to check is the rules order of your firewallrules. In case something is blocking this kind of traffic earlier you can't make the connection go through by creating a pass rule below this.

        Also make sure the internal portforward targets have the pfSense as default gateway.

        1 Reply Last reply Reply Quote 0
        • D
          darrendavid
          last edited by

          @hoba:

          Also make sure the internal portforward targets have the pfSense as default gateway.

          aye, there's the rub. excellent point, and hence the source of my issues. FWIW, do you know offhand how to set a different gateway for different interfaces on a FreeBSD box? My internal server has services running on 10.0.1/24 and 10.0.2/24 on different interfaces, but i've only ever set the "defaultrouter" in rc.conf. if i can get each interfacae to use a different gateway then i should be solid…

          thanks so much.

          darren

          1 Reply Last reply Reply Quote 0
          • H
            hoba
            last edited by

            http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/network-routing.html

            1 Reply Last reply Reply Quote 0
            • First post
              Last post