HOW TO OPEN PORT FIREWALL FOR Dynamic DNS

mohdhizami

what u mean "This will only work if the pfSense sits at a real public IP with it' WAN and not behind another natted router."

my pfsense get ip from modem.

–-----my lan (192.168.2.x)
my modem ip 192.168.2.2---
-------my pfsense wan server (192.168.2.3)--- on pfsense lan ip (192.168.1.1)

sorry i don not how to explain you but this image on my network

plzz help me.. :P

Bredys

Its double NAT. You dont have public ip on pfsense wan interface. You cannot reach pfsense wan ip from net.
What modem you have? ADSL? If your provider giving you public ip you must disable nat on your adsl modem and switch modem to transparent /bridge/ mode, and than configure pfsense wan to PPPoE…

mohdhizami

i use modem linksys AM300.. ADSL..

Bredys

Ups… i dont see your diagram before...
Still i dont know if you have public IP from your provider... on ADSL modem wan side.
If yes, it will be better put your PFsense right behind your ADSL modem (set in transparent mode) and equip PFsense with 3 ehternet ports. (1 for wan, 1 for lan and 1 for optional wifi)

mohdhizami

i use Dynamic ip…
wan ip for pfsense 192.16.2.3
lan ip for pfsense 192.168.1.1

??? ???

Bredys

Im asking for your internet IP not pfsense IP…

Oki... i think your network will be easier if you follow my diagram:
Red zone is secure zone for wifi (you can set rules on pfsense)
Green zone is your lan

If you remain on your layout, you need to create a nat rule on our ADSL modem that nat traffic from some external port to internal IP of your PFSense (ex. wan IP, port 9999 to 192.168.2.3, port 80 or 443) and then on your wan interface on PFSense allow port 80 or 443.

lan.png_thumb

mohdhizami

Ooo… ok... tq my friend... :D :D

if i want control my speed at wifi 384kbps and lan 1mbps still can.? or not..???

if can, can u teach me.. ;D ;D

mohdhizami

i have follow your diagram:

but i can enter my pfsense from internet..???

plzz help mee… :'( :'(

Bredys

If your ADSL modem is transparent you must set new rule in Wan that allow traffic from internet to port 80 or 443 (or your selected port for webgui)

mohdhizami

TQ is work…. you are the best.... :D :D :D