Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Website behind PFsense firewall not visable from the internet

    Scheduled Pinned Locked Moved Firewalling
    5 Posts 2 Posters 3.6k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • W
      wesey77
      last edited by

      I hope there is someone that can help me

      I have the following setup

      static IP from my ISP

      modem which routes all traffic to the PFsense box IP adres 10.0.0.13

      connected to the PFsense box with two subnets

      my LAN  IP range from 192.168.1.x

      and a DMZ IP range from 192.168.2.x

      I have setup the firewall NAT
      Port forwarding
      WAN  TCP  25 (SMTP)  192.168.2.10  (ext.: 10.0.0.13)  25 (SMTP)     
      WAN  TCP  80 (HTTP)  192.168.2.10  (ext.: 10.0.0.13)  80 (HTTP) 
      WAN  TCP  21 (FTP)  192.168.2.10    (ext.: 10.0.0.13)  21 (FTP)

      1:1
      WAN  10.0.0.13/32  192.168.2.10/32  dmz

      the Firewall rules

      WAN

      • RFC 1918 networks * * * * * Block private networks
      • Reserved/not assigned by IANA * * * * * Block bogon networks
        TCP  *  *  192.168.2.10  25 (SMTP)  *    NAT   
        TCP  *  *  192.168.2.10  80 (HTTP)  *    NAT 
        TCP  *  *  192.168.2.10  21 (FTP)  *    NAT

      DMZ
      TCP/UDP  DMZ net  *  195.121.1.34  53 (DNS)  * 
      TCP/UDP  DMZ net  *  195.121.1.66  53 (DNS)  *

      I enabled the NAT reflection

      But the website with ip adress 192.168.2.10 isn't visable from the internet
      I can see it from my lan
      Can somebody please tell me what i did wrong

      Martin

      1 Reply Last reply Reply Quote 0
      • C
        clarknova
        last edited by

        @wesey77:

        the Firewall rules

        WAN

        • RFC 1918 networks * * * * * Block private networks

        Turn this off in the WAN settings page and try again.

        db

        db

        1 Reply Last reply Reply Quote 0
        • W
          wesey77
          last edited by

          removed that rule
          still nothing

          1 Reply Last reply Reply Quote 0
          • C
            clarknova
            last edited by

            Is your modem doing NAT? Then you will have to tell the modem to forward those same ports to internal IP address 10.0.0.13 as well.

            By the way, I don't think this is your issue, but 1:1 automatically forwards every incoming port to a single internal IP, so it's redundant to forward certain ports when 1:1 is set up for the same server.

            db

            db

            1 Reply Last reply Reply Quote 0
            • W
              wesey77
              last edited by

              Oke found the problem
              I hard resetted the modem and now everything works fine

              Thanks for the reply's

              1 Reply Last reply Reply Quote 0
              • First post
                Last post
              Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.