Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Firewall Rule to Allow RDP to LAN..?

    Scheduled Pinned Locked Moved Firewalling
    23 Posts 2 Posters 28.8k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • P
      podilarius
      last edited by

      What does your port forward rule look like?

      1 Reply Last reply Reply Quote 0
      • Z
        zaf
        last edited by

        here you go…

        1.JPG
        1.JPG_thumb

        1 Reply Last reply Reply Quote 0
        • P
          podilarius
          last edited by

          What is the outbound NAT doing? Auto or not?

          1 Reply Last reply Reply Quote 0
          • Z
            zaf
            last edited by

            nothing by looks of it?

            1.JPG
            1.JPG_thumb

            1 Reply Last reply Reply Quote 0
            • P
              podilarius
              last edited by

              You might want to go ahead and switch to manual NAT and NAT only on the WAN interface and do pure routing otherwise.

              1 Reply Last reply Reply Quote 0
              • Z
                zaf
                last edited by

                this is becoming very difficult to configure, would you mind elaborate and provide step by step on how to configure manual NAT please? Changing it to manual mode, will require me to re-create all rules is this correct?

                when i enable manual i see these rules?

                Thanks

                1.JPG
                1.JPG_thumb

                1 Reply Last reply Reply Quote 0
                • P
                  podilarius
                  last edited by

                  Those should be the only rules you need. Are you using ESX 5 per chance?

                  1 Reply Last reply Reply Quote 0
                  • Z
                    zaf
                    last edited by

                    Yes it's a esx 5 virtual environment, pfsense and all other machines are VM's?

                    1 Reply Last reply Reply Quote 0
                    • P
                      podilarius
                      last edited by

                      In my lab, yes they are. I will throw up your type of config and see what happens. I suspect mine will work .. my bridge doesn't though :(.

                      1 Reply Last reply Reply Quote 0
                      • P
                        podilarius
                        last edited by

                        Finally got the bridge working. So tell me, did you leave the default of keep state on all the rules?
                        holly crap I just noticed that your route to 192.168.0.0/24 is not correct. Just thinking of network basics.
                        It should read 192.168.0.0/24 GW 192.168.5.6 (pfSense WAN port) not .1.
                        Are you trying to access them their 192.168.0.0/24 address or the WAN IP?

                        1 Reply Last reply Reply Quote 0
                        • Z
                          zaf
                          last edited by

                          excellent changing the DG to 192.168.5.6 did the trick, i cant believe i didnt pick that up! (something so simple) :)

                          Thanks for your help all is now working..

                          Cheers

                          1 Reply Last reply Reply Quote 0
                          • Z
                            zaf
                            last edited by

                            Hi,

                            Just wanted to know, if i turn off the firewall functionality in Pfsesne it will also disable NAT, (router mode) how can i then access from internet, how do i forward port forwading in a router mode only?

                            also- do you have any custom captive portal page or know of any site i can download and tweak it?  :)

                            cheers

                            1 Reply Last reply Reply Quote 0
                            • P
                              podilarius
                              last edited by

                              With firewall disabled, so is the NAT as that is a function of the firewall. So, you don't port forward in router mode only.

                              I don't know of any captive portal custom stuff. Perhaps those that are monitory the Captive portal threads can let you know.

                              1 Reply Last reply Reply Quote 0
                              • Z
                                zaf
                                last edited by

                                in a hardware router, you have an option to port forward to a LAN IP also known as (virtual servers) is this option not available in Pfsense?

                                Thanks

                                1 Reply Last reply Reply Quote 0
                                • P
                                  podilarius
                                  last edited by

                                  generally in a hardware firewall/router, you cannot disable the entire FW like you can in pfsense. You can setup allow all rules and then do what kind of NATing you like.

                                  1 Reply Last reply Reply Quote 0
                                  • First post
                                    Last post
                                  Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.