Trouble with port forwarding.
-
Hello, I'm trying to allow access to a web server through my pfsense. It was working well yesterday, but for some reason it's not working anymore and I can't seem to find why.
My network is the following:
WAN1 LAN1
\ /
Pfsense 1.2
/
WAN2 LAN2Both WAN1 and WAN2 are local networks on which there is the ISP' router.
My Web server is on LAN 2 and must be access solely through WAN 2.I'm currently trying to enable access to the server from a computer on WAN2, berfore even trying to enable it through the internet.
I enabled the following rules in the NAT Menu:
If Proto Ext. port range NAT IP Int. port range Description
WAN2 TCP 8080 192.168.10.23 80 (HTTP) Test
(ext.: any)The rule added on WAN2 when creating the NAT is:
Proto Source Port Destination Port Gateway Schedule Description
TCP * * 192.168.10.23 80 * NAT Test
(HTTP)I successfully connect to the webserver when using a computer on LAN2, so there shouldn't be any problem there.
I tried to log the firewall rule, but nothing appears in the log when i'm trying to connect.My guess is there is something blocking the NAT somewhere, but I have no idea what it could be.
Does anyone have an idea? -
Dont set as external NAT IP "any". Set here "Interface address"
Did you actually test this from a client which is on the WAN2 side?
-
Yes I did test it that way and it wasn't working either.
But I just find a clue. Apparently, if on my webserver I access directly the website it works both with 'any' and 'Interface Address', but if I use a virtual directory, it doesn't work anymore.
For example, if i use http://pfsenseInterfaceAdress:8080 it works, but if I use http://pfsenseInterfaceAdress:8080/Website it doesn't work.
Is there something to do on pfsense to make this work?
-
Also, althought this is working from an internal client on WAN, it doesn't work when i try to access the webserver through my isp's router, even thought i did the forwarding on the router on the same way as my other servers on WAN2. Could this come from a communication problem between the routeur and pfsense.
-
Also, althought this is working from an internal client on WAN, it doesn't work when i try to access the webserver through my isp's router, even thought i did the forwarding on the router on the same way as my other servers on WAN2. Could this come from a communication problem between the routeur and pfsense.
This problem was solved. I was just being stupid in my use of my vmware server (my webserver is on a vmware client).
On the other hand, I still need to be able to access my webserver using the virtual directory. Anyone knows how to do that?
-
I'm not sure how pfSense could interfere with that, since it only sees the TCP connection and has nothing to do with the http request.
Are you sure this is not a missconfiguration on the server? -
I'm not sure how pfSense could interfere with that, since it only sees the TCP connection and has nothing to do with the http request.
Are you sure this is not a missconfiguration on the server?I'm not, but since I can successfully access the website this way when on the same lan, there should be no reason not to access from a remote client. Is there?