New to pfsense

meluvalli

Hi Steve.. Sorry, maybe I didn't make it real clear. I am using my external address to access it. So, with your same test, lets say your external IP address is 60.54.1.23… From internal on another client, you would want to access http://60.54.1.23:9987 and it will fail.

Also note, that it works fine if you are outside your internal network. This is why I am thinking it is not a firewall issue as it works from outside the network!

Thank you.

tim.mcmanus

Forgive me for not completely understanding, but you have a server that lives on your internal network with a local (internal) IP address. And you have clients that access that server with a hard-coded IP address and port using an external IP address. And you cannot change the IP address of these clients or any other networking information? Seems odd that in this day and age people would set something up like that, but that's IMHO.

If you want to host a Teamspeak server internally and make it accessible from internal and external IP addresses, I can help you with that. I've done that countless times, and I authored the "How To" post in the forums for Mac users.

stephenw10

Ah, OK.
I agree with Tim that not being able to use a URL instead of an IP seems quite archaic. ;)
You could setup a manual port forward for that on the LAN interface. I don't know why NAT reflection wouldn't take care of that for you though. You can specifically disable it for each port forward, I assume you haven't done that?

Steve

internal_redirection_test.jpg_thumb

meluvalli

@stephenw10:

Ah, OK.
I agree with Tim that not being able to use a URL instead of an IP seems quite archaic. ;)
You could setup a manual port forward for that on the LAN interface. I don't know why NAT reflection wouldn't take care of that for you though. You can specifically disable it for each port forward, I assume you haven't done that?

Steve

No. I haven't done that.

As far as creating a forward on the LAN side, I have tried putting in the NAT Port Forward rule as you show in your example. This also didn't solve the problem :( I even tried setting "NAT Reflection" in the rule to "enable" and still nothing :( Any other recommendations? By looking at that, it really seems like it would work :(…

Thanks for all your help!

Example.png_thumb

tbarlow

@tim.mcmanus:

Forgive me for not completely understanding, but you have a server that lives on your internal network with a local (internal) IP address. And you have clients that access that server with a hard-coded IP address and port using an external IP address. And you cannot change the IP address of these clients or any other networking information? Seems odd that in this day and age people would set something up like that, but that's IMHO.

If you want to host a Teamspeak server internally and make it accessible from internal and external IP addresses, I can help you with that. I've done that countless times, and I authored the "How To" post in the forums for Mac users.

TS is not a prob I can use the internal IP and port for it I can even use internal DNS as someone said above option 2 split DNS that file for the TS prob, the prob is I am working on a project that has to use the out side IP DNS is not an option and the IP is hard coded into the client exe file witch is used both inside and outside my network but I will also like to know Y only the higher IP's are giving me prob 25,110,443,80 they all seem to work for the most part anyway even if someone has a work around I will be fine with that just let me know I am working on 2 projects 1 I have no control over it can't use DNS local but the second one I might I will check into it and see what I can do since I have full control over it i'll see what I can do thanks

Sincerely
tbarlow

tim.mcmanus

This thread might help; long shot though. http://forum.pfsense.org/index.php/topic,61201.0.html

Can you post your NAT and Firewall rules? Screen shots will speak volumes.

stephenw10

I think that option (in the linked thread) only applies to 1:1 NAT. It's interesting though.

Steve

meluvalli

Hi Steve.

Did you happen to see my screenshot? Did it look like I was doing that correctly? Because it didn't work either :(

Any other thoughts?

stephenw10

Hmm, I'm not sure if you should have NAT reflection enabled on that internal port forward or not. :-
With changes like this, especially if you have already been trying various connections, you may have to clear the state table to force the new rules to take effect.

Steve

meluvalli

Steve - I cleared state and no change :(

After I cleared state and tried again, I looked in state to see what it says for that port. I am attaching that.

Do we have any other recommendations??? :(

Thanks

Example_State.png_thumb