What am I doing wrong? I don't see it (NAT/port fwd)

adegans

According to webmin it's 10.0.0.1 (attached)
Would that be it? If so, can I add a 2nd gateway or is there another trick to work around that?

It's a Ubuntu 12.04 machine.


johnpoz

Why does your box have 2 networks attached?

Why is it not just connected to your 10.0.1.0/24 network??

adegans

Because there is another network coming in on the other interface, also with it's own wan… (Wan 1 & 2 - mentioned before) through another pfsense machine.

johnpoz

Sounds like one cluster of setup ;)

I am at a loss to why you would have 4 internet connections in the first place..  But why would these 4 connections not being into 1 pfsense box.

You have an asynchronous routing issue.  Yeah that is going to cause problems!

adegans

It's not that complex actually, and everything works, except these 2 port forwards.
So do you think its a gateway thing on the server itself? Or is something going wrong on the pfSense box?

johnpoz

Who said anything about complex, what I said was it sounds like a CLUSTER ;)

Dude your issue is networking 101 - what do not understand about this issue?

See the Pic

Derelict

@adegans:

According to webmin it's 10.0.0.1 (attached)
Would that be it? If so, can I add a 2nd gateway or is there another trick to work around that?

It's a Ubuntu 12.04 machine.

According to your original post, your LAN is 10.0.1.0/24.  10.0.0.1 is not on that network, so it's broken.

No workaround necessary.  Proper configuration is what you need.

This really is drop-dead simple.  Multi-WAN complicates it some.  You might consider unplugging one of the WANs, starting from factory defaults on pfSense, until you get everything working - then worry about Multi-WAN.

adegans

Derelict, I didn't think the other 'half' of my network was irrelevant to this issue.
But maybe it helps to know…

Because of some limitations I have/require 4 dsl connections to get a certain speed.
Because of me not paying attention when buying hardware I have 2 computers running Pfsense (instead of 1 with 7 NIC). Each has 2x WAN + the required Lans.

One Pfsense machine works, ports are forwarded and things go smooth.
The other Pfsense also works, but ports are not forwarded to 10.0.1.44.

The .44 machine is a Dell Poweredge with dual LAN. One interface is hooked up to the 10.0.0.0/24 subnet (10.0.0.44, gateway 10.0.0.1) and port forwards to that interface work fine, from that subnet.
The other interface, 10.0.1.44 also works, internally. But port forwards do not reach it.

Perhaps a simple gateway issue, but I'm not sure how to resolve that or even how to determine if it is. I'm no expert - As you may have guessed.

adegans

Searching some more for a "dual gateway" setup on Ubuntu, this seems more trouble than it's worth.
I'm going to explore some other options.

johnpoz

"Because of some limitations I have/require 4 dsl connections to get a certain speed."

And how are you getting a certain speed when they are connected to 2 different machines?  You sure and the hell are not bonding them, you can not even be doing load balancing over the 4.  So certain speed - no..  Bandwidth ok, but you would have to distribute what your doing over 4 different connections manually, etc.  So there is no possible way your fully utilizing the bandwdith you have available.

So your telling me there is no other connection options other than really slow dsl?  Come on, nonsense.

adegans

@johnpoz:

"Because of some limitations I have/require 4 dsl connections to get a certain speed."

And how are you getting a certain speed when they are connected to 2 different machines?  You sure and the hell are not bonding them, you can not even be doing load balancing over the 4.  So certain speed - no..  Bandwidth ok, but you would have to distribute what your doing over 4 different connections manually, etc.  So there is no possible way your fully utilizing the bandwdith you have available.

So your telling me there is no other connection options other than really slow dsl?  Come on, nonsense.

Why are you questioning me having 4 dsl connections when you know nothing about what ISPs have to offer here?
If I want to use 2 connections on each pfSense machine that's my business and does not apply/relate to my original question.

If you are quite done going off-topic, can we get back to my original question? Which is forwarding 2 ports…
As you suggested, this may be a gateway issue on the receiving server. I've looked into that, turns out it's a lot of trouble so I'm exploring some other options now. If you have other useful input, feel free to share.

Derelict

As was already pointed out, I'll bet the forwards are reaching the machine in question, but the REPLIES (SYNACKS, ACKS) are being routed somewhere goofy so the TCP connection is not coming up.  You will want to get to know a tool such as wireshark.

Like I said, I would SIMPLIFY your setup (ONE WAN, ONE LAN), which will prove the problem is not with pfSense and its port forwarding.

Having one machine on two LANs is almost never a good idea.

johnpoz

"Why are you questioning me having 4 dsl connections when you know nothing about what ISPs have to offer here?"

Because I work for a large IT Services company - and don't buy slow ass dsl being the only option.  Are you in the middle of nowhere?  And if you actually needing a specific speed, how you are doing it is NOT the correct way to go about getting it ;)

We have already solved your issue - and as typical it had nothing to do with any sort of issue with pfsense, just lack of understanding basic networking ;)