Dual Wan, Portforward not working on OPT-Wan

tec

Ok, I will trie to delete the "static mappings" the next time when I am in front of the router and post the results here.

rob_v

Hmmzz i got the same problems…
I installed PFsense again (clean install)
And only made 1 rule (RDP)
First i tryed it on WAN 1 this works
Then i tested on WAN 2 (OPT) and it doesn't work and i programmed the rules same.

I hope they will find a solution for this problem.

hoba

Upgrade to 1.0-RELEASE we fixed a condition where firewallrules were not applied before rebooting in certain circumstances.

rob_v

@hoba:

Upgrade to 1.0-RELEASE we fixed a condition where firewallrules were not applied before rebooting in certain circumstances.

I did that… But without any positive results...

tec

rob_v do you have a PPPOE connection on WAN?
I will try the next days to upgrade and solve the Problem

rob_v

I tested it with:

WAN 1 static

WAN 2 static

And with :

WAN 1 DHCP

WAN 2 static

Thx :)

tec

I am also now on Release 1:

• Portforwarding on Opt-Wan not working
  -deleted my static port entries but not effect

Now backed up config XML
-deleted all advanced outbound rules and enabled ipsec passthrough, and deleted "oubound tags" in config.xml installed again Pfsense, restored config.xml, did the normal reboot and it doesn´t even work work without having toutbound Nat enabled :-(

Still the same, the Firewall Rule is showed as above in the firewall log page but nothing happens

Right now I have the feeling that Dual Wan and Portforwarding is a mess or I am to stupid for this and just how it seems the latter is more likely

hoba

I have several locations where I'm using portforwards on multiwan setups (at WAN and OPT-WAN) without any issues. You really seem to have something wrong. I suggest starting over and not reusing the old config.

tec

Hoba, do you have on any location PPPOE as a Wan Interface?

hoba

uhm, no. Static everywhere. Maybe that makes a difference. Can you send me /tmp/rules.debug and your config.xml to holger dot bauer at citec-ag dot de?

Btw, how did you make PPPoE work at OPT-WAN  ???

tec

Hi Hoba,
there maybe some Kind of missunderstanding:
Wan (the normal PFsensenstandartwan) = Pppoe
Opt-Wan (Optional Interfaces with static ips or they get them per DHCP).

Therefore I asked if in any of your Setups you have the normal WAN as a PPPoe Connection?

hoba

PPPoE at WAN shouldn't affect portforwards at OPT-WAN.

tec

Shouldn´t….
I noticed only on an old install that when I plugged the cable of from the PPPOE Connection and rebooted the Portforwards where working on Opt-Wan this is the weird thing.

On your Opt-Wans. Do they have all Ip from an ISP ? I have on my Opt-Wan a 192.168.0.0/24 Adress because I need that a DSL Modemroute makes the PPPOE connection or is this a Problem that I am using a private Ip range on the OPT_Wan Interface?
Regards

I will install the next day from Scratch and make Babysteps, maybe I ca find exactly out at which Point the Problem lies.

Should I still mail you the requested files?

jeroen234

did you uncheck this option on the opt interface ?

Block private networks
When set, this option blocks traffic from IP addresses that are reserved for private
networks as per RFC 1918 (10/8, 172.16/12, 192.168/16) as well as loopback addresses
(127/8). You should generally leave this option turned on, unless your WAN network
lies in such a private address space, too.

hoba

Yes, please send me the files. Maybe something obvious pops up by viewing them.

rob_v

Hi,

Is it possible to make a (simple) config file what works with 2 WAN's (port forwarding RDP or HTTP or FTP)
It doesn't matter what for IP your use in this config file.
I want to compare this config file with my own settings maybe i missed something?

Thank you.

Kind regards
Rob

tec

Hi back at home,
so jeroen234 on the Opt-Interfaces there is no Checkbox

hoba: I disconnected the Cable from WAN rebooted and then
the Forwards worked on OPT-WAN. The config with the normal NAT Setuo and also the Config with Advanced Outbound Nat enabled.

rob_V could you also test you Setup if you disconnect the cable from WAN  and pos tyour results, only to verify if this could be the bug

Cheers

rob_v

@tec:

Hi back at home,
so jeroen234 on the Opt-Interfaces there is no Checkbox

hoba: I disconnected the Cable from WAN rebooted and then
the Forwards worked on OPT-WAN. The config with the normal NAT Setuo and also the Config with Advanced Outbound Nat enabled.

rob_V could you also test you Setup if you disconnect the cable from WAN  and pos tyour results, only to verify if this could be the bug

Cheers

I tryed that without any positive result..
After this experiment i switched the networkcards to another pci slot.
But pfsense can't handle this action :P (get everytime watch dog failures).
So i have to install pfsense again….  I think i gonna buy a hardware router RV042 from linksys i'm tyred about pfsense soz..
It looks good and i think it will works fine but on my system....

Thanks, maybe i will use pfsense when i'm in a good mood..

Or.... Sombody gots a configfile what works with 2 wans and 2x RDP connection from wan to lan and opt to lan?
That's the only thing wat i want to try..

svd

i have similiar problem.
i have
WAN (STATIC)
LAN (STATIC)
OPT1 (STATIC)
OPT2 (STATIC)
WAN2 (STATIC)

everything is working through WAN but i can not even ping default gateway or any IP on WAN2 in my WAN2 network (/24). I did tcpdump on WAN2 NIC and see that packets are going in or out. But WAN2 never answers on ARP requests.

19:40:57.062126 arp who-has ...103 tell ...96

WAN2 status is up. I did reboot pfsense a few times but still no luck.
Any suggestions?

(pfsense 1.0-RELEASE)

hoba

Make sure your WAN2 settings are correct. Maybe there is a typo somewhere? Do you see any traffic from the pfSense at all? Maybe you need a crossovercable?