Netgate Discussion Forum

    Port forward for torrents not working on dual wan setup

    Routing and Multi WAN
    25 Posts 3 Posters 14.6k Views
    • leimrod

      I'm sorry for bumping this thread but I've really run out of avenues to get this working; I'm still having problems getting the port forwarding for torrents working.

      Below I've attached screenshots of what settings I've implemented.

      I've set up both of my gateway routers as DMZs to the pfSense router (i.e. for WAN the DMZ points to 192.168.0.10, for Opt1 it points to 192.168.1.222) and I've updated to the latest snapshot from here

      I've put a rule in "Firewall: NAT/Port forward" to open port 18739 for 192.165.0.30

      I've put a rule in "Firewall: Rules/LAN" to open port 18739 for 192.165.0.30 at gateway DrayfailoverNet
      I've put a rule in "Firewall: Rules/WAN" to open port 18739 for 192.165.0.30 at gateway DrayfailoverNet

      I've put a rule in "Firewall: Rules/Opt1" to BLOCK port 18739 for 192.165.0.30 at gateway DrayfailoverNet

      What's happening is that when I run the port checker it is STILL switching between the two IPs in my load-balanced pool, so the policy-based routing isn't taking effect, and I'm guessing this is the root of my problem. Is there any rule that might be negating my policy-based rules? Or anything that I'm missing here?

      When I'm setting up the DMZ at the router level it should be pointing to the local IP for that connection in pfSense, right?

      torrent_portforward.jpg
      torrent_wan2.jpg
      torrent_wan.jpg
      torrent_lan.jpg

      • hoba

        There are several problems with your setup:

        • Don't use gateways other than default for firewall rules at WAN and Netopia that belong to port forwards. You have to use "default" as gateway there.
        • I don't understand the 2 other rules at WAN and Netopia that don't belong to the port forward but they are definitely wrong ;)
        • At Netopia the block rule is not needed. Everything not explicitly allowed is blocked anyway. The gateway option here is wrong as well.
        • leimrod

          @hoba:

          • I don't understand the 2 other rules at WAN and Netopia that don't belong to the port forward but they are definitely wrong ;)

          The 2 other rules at WAN and Netopia were implemented because I followed the guide here for setting up load balancing; you can see he has implemented these rules on page 12.

          Why would they be wrong?

          • hoba

            Please rather follow http://doc.pfsense.org/index.php/Multi-Wan/Load-Balancing . I have to look a bit closer at the other doc but it seems to be wrong. If it is I'll pull it so it doesn't confuse people anymore. It doesn't apply to the latest snapshots anyway that have a much easier pool creation gui (selecting interfaces instead of gateway IPs).

            • leimrod

              Ok, tomorrow I'm going to start again and implement the other tutorial. The only reason I went with the one I did was because it was for a static IP setup.

              Can I ask though: the fact I am able to get access to the internet means that there is a port open in pfSense to do so (say port 80). If I did a test of port 80 (i.e. http://www.utorrent.com/testport.php?port=80) should it not be reading as open?

              • hoba

                The default config is to let anything out but nothing in. The apps do test incoming connections so this won't work without port forwards and appropriate firewall rules.

                • leimrod

                  Ok, I think I'm nearly there with this.

                  I removed the rules from the tutorial I was following and went with only the settings from here

                  I've attached a screenshot below of what I've set up. Can you explain to me what the last rule in this screenshot does? It seems to always be set up in all of the tutorials I've read but there is no explanation for it.

                  Is this rule used to set udp/tcp ports for all OUTGOING traffic? I've found that when I disable it, the utorrent port checker says the port is now open, but when I try to download a torrent it won't connect… until I re-enable the last rule. Is there any explanation for this?

                  new_fwrules.jpg

                  • hoba

                    If you don't enable the last rule you only allow the ports and protocols specified above, which means only a few ports are open to go out (http, rdp, https, common-alias and protocol icmp).

                    • leimrod

                      Ok, I think I'm nearly there. Torrents are working, so is VNC, VPN in and out of the office, FTP and HTTPS.

                      I have one last thing that's not. It's not a big thing but I would like to resolve it. The failover for my Opt1 connection is not working. When I plug out my Opt1 connection I can still access the internet on my WAN connection, but when I plug out my WAN connection I lose all internet access… except for doing Google searches, which is weird. When I unplug the WAN connection I can go to www.google.com and do a search and it will give me a list of results; I can't however open any of the result pages. I can't do a tracert on any sites either.

                      I have a feeling this has something to do with my DNS. Is there any way of setting the DNS for Opt1? Under "status>interfaces" the Opt1 connection reads as "up" but I don't see any DNS addresses associated with it?

                      • hoba

                        http://forum.pfsense.org/index.php/topic,3696.msg22708.html#msg22708

                        • Pootle

                          I've written up a new part to the dual WAN wiki http://doc.pfsense.org/index.php/Multi-Wan/Load-Balancing#Supporting_bittorrents
                          which describes my set up for bittorrent which seems to be working well.

                          Appreciate comments and feedback on this.. :)

                          • hoba

                            @Pootle:

                            I've written up a new part to the dual WAN wiki http://doc.pfsense.org/index.php/Multi-Wan/Load-Balancing#Supporting_bittorrents
                            which describes my set up for bittorrent which seems to be working well.

                            Appreciate comments and feedback on this.. :)

                            hoba pets pootle, a user who gives something back  :D

                            Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.