Netgate Discussion Forum

    Unable to port forward

    NAT
      fasilkaks

      Hi,
      Let me congratulate each one of you for such a great support  :)

      I am a newbie to pfsense trying to setup a firewall for my local network.
      Below is my setup.

      1. A modem (in bridged mode) to supply dsl and connected to the wan port of pfsense.
      2. pfsense acts as pppoe, dhcp and firewall. pfsense's lan port is connected to switch.
      3. all computers are connected (wired) to switch.
      4. Another modem is connected to this switch to supply wifi (alone) which pass through pfsense's dhcp.

      With this setup, I am able to browse and it works perfect.
      I have port forwarded 143, 443, 80, 5060 to my internal server (192.168.1.X for example).
      Telnetting is working fine with these ports. But when I try these ports (https and http) from outside the network (internet using dyndns),
      I can't access any one of them.

      Pfsense setup:
      WAN
      -------
      type: PPPoE

      LAN

      Bridge with: WAN
      ip address: 192.168.1.254/24

      NAT:

      If    Proto   Ext. port range   NAT IP                             Int. port range   Description
      WAN   TCP     443 (HTTPS)       192.168.1.100 (ext.: 94.98.xx.xx)  443 (HTTPS)       pf_https
      WAN   TCP     143 (IMAP)        192.168.1.100 (ext.: 94.98.xx.xx)  143 (IMAP)        imap_temp
      WAN   TCP     80 (HTTP)         192.168.1.100 (ext.: 94.98.xx.xx)  80 (HTTP)         pf_http

      FIREWALL RULE:

      TCP   *   *   *               *               *   incoming_allow_all_wan
      TCP   *   *   192.168.1.100   443 (HTTPS)     *   NAT pf_https_asterisk
      TCP   *   *   192.168.1.100   143 (IMAP)      *   NAT imap_temp
      TCP   *   *   192.168.1.100   80 (HTTP)       *   NAT
      UDP   *   *   192.168.1.100   5060 (SIP)      *   NAT
      UDP   *   *   192.168.1.100   10000 - 20000   *   NAT

      DNS forwarder : Enabled
      DHCP server: Enabled and working fine

      Could any one of you help me out to solve the issue....
      Thanks all once again in advance!!! :)

        GruensFroeschli

        Could you try to switch the WAN to standard ethernet, put a switch in front of the pfSense and connect like this to the WAN?

        Can you exclude the possibility that your ISP is blocking these ports?

        You write that you bridge your LAN with WAN.
        This would indicate that you're running a filtering bridge and not a routed scenario.
        If you're not routing/NATing, you cannot create inbound NAT rules.
        You simply allow the traffic with firewall rules on the WAN.

        We do what we must, because we can.

        Asking questions the smart way: http://www.catb.org/esr/faqs/smart-questions.html
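
The point made in the reply above, applied to the rule set from the first post, as an added example that is not part of the thread or of pfSense: a small lint that flags port forwards on a bridged LAN, the pass-everything WAN rule and the rules it shadows, and NAT-labelled rules with no listed forward. The dictionary layout and finding names are assumptions, as is treating the posted order as the evaluation order with first match winning.

```python
# Added example; constructed data transcribed from the settings quoted in the thread.
# The dict layout is hypothetical and is not pfSense's own configuration schema.
CONFIG = {
    "lan_bridged_with": "WAN",
    "nat": [  # (interface, proto, external port, NAT IP)
        ("WAN", "TCP", "443", "192.168.1.100"),
        ("WAN", "TCP", "143", "192.168.1.100"),
        ("WAN", "TCP", "80", "192.168.1.100"),
    ],
    "wan_rules": [  # (proto, destination, port, description), top-down order
        ("TCP", "*", "*", "incoming_allow_all_wan"),
        ("TCP", "192.168.1.100", "443", "NAT pf_https_asterisk"),
        ("TCP", "192.168.1.100", "143", "NAT imap_temp"),
        ("TCP", "192.168.1.100", "80", "NAT"),
        ("UDP", "192.168.1.100", "5060", "NAT"),
        ("UDP", "192.168.1.100", "10000-20000", "NAT"),
    ],
}


def lint(cfg):
    """Return (code, detail) findings for a bridged/NAT rule set."""
    findings = []
    # A filtering bridge does not route or NAT, so port forwards cannot apply.
    if cfg["lan_bridged_with"] and cfg["nat"]:
        findings.append(("bridge-nat", f"LAN is bridged with {cfg['lan_bridged_with']}; "
                         f"{len(cfg['nat'])} port forwards have no routed/NAT path"))
    forwards = {(proto, ip, port) for _if, proto, port, ip in cfg["nat"]}
    allow_all = {}  # proto -> description of the pass-everything rule seen so far
    for proto, dst, port, desc in cfg["wan_rules"]:
        # Assumption: first match wins, so later rules of that protocol are dead.
        if proto in allow_all:
            findings.append(("shadowed", f"{proto} {dst}:{port} never matches; "
                             f"'{allow_all[proto]}' is evaluated first"))
        if dst == "*" and port == "*":
            findings.append(("allow-all", f"'{desc}' passes every {proto} port on WAN"))
            allow_all[proto] = desc
        elif desc.startswith("NAT") and (proto, dst, port) not in forwards:
            findings.append(("no-forward", f"{proto} {dst}:{port} is labelled NAT "
                             "but no port forward is listed for it"))
    return findings


if __name__ == "__main__":
    for code, detail in lint(CONFIG):
        print(f"[{code}] {detail}")
```
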

          fasilkaks

          Froeschli, many thanks indeed for the reply :)

          Two things:
          1. I know, as a matter of fact, that my ISP does not block these ports.
          2. I have tried my LAN in both bridged mode as well as non-bridged mode with the WAN interface and
          have always created rules to allow all the incoming/outgoing traffic from all the ports/IPs.

          I will try to remove the modem from the scenario and have a switch put in place as per your suggestion and will let you know.

          Thanks again,
          Fasil.

            stephenw10 Netgate Administrator

            PPPoE for interface in port forwarding?  ???

            Edit: Nope forget that!  ::)

            Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.