Re: New to pfsense need help on port forwarding

Tib · Oct 10, 2008, 6:51 PM

Hi there
I have a big problem in NAT!
My system substance are WAN(pppoe with dynamicIP) –- and lan xxx/24
I maked five port forwarding wich work, until about next day.... Why?
If i reload port forwarding rules then the forward to be in good working again.
End this to repeat... day to day

sorry my bad english

nocer · Oct 11, 2008, 12:49 AM

Hi

@Tib, you at least provide useful info for us to understatnd really what is happening: what is your build running, your diagram, nat/rules(screen shots hopefully), and syslog, pflog those while issues happening, and entire config.xml sometime…all those can help solve your situation. In the mean time, searching related threads in the forum, or Googling around will definitely help you too.

Language shouldn't be a matter, somebody will definitely help. I'm no native English speaker either, and there are several "International" forums here. Should you look thru it.

cheers,

Tib · Oct 31, 2008, 10:03 AM

Well!
I have 2 interface
WAN – PPPOE dynamic
LAN -- single lan network
My problem is in NAT (port forwarding), that If my ISP change my ip periodically, then the forward is doesn't work until i'll reboot pfsense or change some rule!
Rules to be directly proportional to IP change..

help!!!

Guest · Oct 31, 2008, 10:12 AM

ip change shouldent interfeer with rules working or not unless you are using your external ip address in some rules

like said before..post screenshots of rules

/F

nocer · Nov 1, 2008, 6:56 AM

Hi,

Since you haven't give us anything informational so this is only my guess, suppose you need some trigger to refresh your rules or even reboot the box, try enable periodic reset for pppoe, which resides in interface>wan>pppoe configuration, in 1.3-AA(now 2.0).

cheers,

Tib · Nov 3, 2008, 7:49 AM

Hi there!

Exsample:
I made a Firewall –> Rules registration..
"TCP * * 192.168.1.56 3389 (MS RDP) * "
It's work !
But, if my isp change my wan ip(pppoe) becoulse dynamic (changed every day). Then the rules is not work, till i don't reset the system or only change in some rules.
If i on the interfaces panel clink about disconnect or reconnect than also will became wrong!!!
What is the expedient. With periodic reset is doesn't work........

hmmm I don't know

jahonix · Nov 3, 2008, 10:42 AM

Did you -by any chance- enter a name instead of an IP somewhere (alias creation, rule, NAT)?

You can do that, but the name resolution to an IP only gets updated once on startup or reset.
That sounds like what you're experiencing.

nocer · Nov 3, 2008, 2:06 PM

Hello,

Why don't you just paste the screen shots of your nat/rules? That makes stories very much straight and easy.

cheers,

Tib · Nov 3, 2008, 3:18 PM

Otherwise the nat is work, if WAN ip is doesn't changed

jahonix · Nov 3, 2008, 7:02 PM

The field for "External address" should be set to 'interface IP' on all rules. Most of your entries don't show anything (colum: NAT IP: (ext.: 66.77.88.99) )
And delete the last rule, it is double.

nocer · Nov 3, 2008, 10:19 PM

Hi.

Oh well, indeed. The rules for port forwarding, you must need to set EXT IP for your WAN interface as jahonix pointed out.

cheers,

Tib · Nov 4, 2008, 11:02 AM

Hi

But, i don't set external ip, becoulse that is always changing by ISP.

jahonix · Nov 4, 2008, 1:37 PM

@Tib:

But, i don't set external ip, becoulse that is always changing by ISP.

Isn't THAT exactly your problem? ???
When editing the rule you have to set the field to the drop down entry "External address". Then the IP change is handled for you. Automagically…

Tib · Nov 4, 2008, 2:38 PM

My problem is

If the PPPoE connction is renew externalWAN ip of my system, then the ALL forwarding rules is doesn't work.

I sent the screenshot, and what to do?

jahonix · Nov 4, 2008, 3:53 PM

As you see in the first picture you posted, in the NAT IP column there were no entries for (ext.: )
or wrong entries (ext.: any)

Set them to 'interface address' and it should work for you as well.
In the overview page the brackets must be automatically filled with your currently assigned IP then.

Tib · Nov 4, 2008, 7:08 PM

The wan ip is changing automaticaly, it's ok, but doesn't in the rules, although it has to….

thanks for help

jahonix · Nov 5, 2008, 8:19 AM

Which version of pfSense are you using?
Embedded or full install?

Tib · Nov 6, 2008, 7:31 AM

I use pfSense-1.2-BETA-1 with full install, not embedded

nocer · Nov 6, 2008, 9:43 AM

There's much more decent version(s) available.

jahonix · Nov 6, 2008, 10:56 AM

I seem to remember that there were PPPoE problems in an early 1.2 version.
Update to 1.2-release or one of the 1.2.1RCs and see if your problem goes away is my best bet.