Virtualized pfSense and port forwarding

developej · Mar 9, 2014, 2:07 PM

Hey,

I have pfSense running inside VirtualBox. My host is connecting to the internet through that guest.


 ip route
default via 10.0.0.1 dev vboxnet0  metric 204 
10.0.0.0/8 dev vboxnet0  proto kernel  scope link  src 10.0.0.100  metric 204 
10.0.56.0/24 dev vboxnet0  proto kernel  scope link  src 10.0.56.0 
178.148.140.0/22 dev eno1  proto kernel  scope link  src 178.148.142.61  metric 203

So in pfSense I have DHCP server, with range of 10.0.0.101-10.0.0.110 and a static ip for the host 10.0.0.100.
In VirtualBox network settings for pfSense I have 2 NICs - 1 is bridged and 2 is host-only adapter 10.0.56.0.

I have also set up a Dynamic DNS service (no-ip free) and if I type in browser my noip address I will get the webui for pfSense so it means it is working correctly.

Now to my problem:
I have bittorrent sync service running on my host (port 8888).
If I type in my browser 10.0.0.100:8888 I will get webui of btsync.
If however I type mynoipaddress:8888 it will not work.

Here is how Firewall: NAT: Port Forward is looking

and Rules (created automatically)

It just hangs.

On the other hand, I opened my SSH port and I can connect with no problems.
What am I missing here?

Thanks

jswj · Mar 9, 2014, 3:14 PM

By mynoipaddress you mean the host FQDN? If yes, try to ping mynoipaddress or nslookup, see if it resolve to 10.0.0.100.

Otherwise, need to be clear of the information you give.

developej · Mar 9, 2014, 4:15 PM

Yes, mynoipaddress is FQDN.


$ nslookup mynoipaddress

gives WAN address, not 10.0.0.100? And it should be like that, right? It is when I go to WANip:8888, pfSense should translate that to 10.0.0.100:8888?
I repeat, SSH is working fine and I set it up in the same way…

jswj · Mar 10, 2014, 2:55 AM

I still don't understand your setups, maybe best if you put some physical setup drawings if possible. But from inside a LAN behind a firewall, you normally can't browse the WAN IP of the same firewall, use a different internet connection.

developej · Mar 10, 2014, 6:54 PM

Here it is

So I have one machine (vbox host) and one vbox guest (pfSense) and I connect to the internet through that guest.

My machine has static ip 10.0.0.100.
pfSense has 2 NICs, first bridged to WAN and second host-only (created in VirtualBox network settings, not settings per guest, but general settings).
pfSense also has Dynamic DNS service enabled and it is working (I can type in FQDN in browser and get to the web ui of pfSense).

Port forwarding images are posted few posts back - if I type FQDN:8888 I don't get the ui. 10.0.0.100:8888 is working.
But SSH which I set up in the same way is working fine using FQDN.

jswj · Mar 11, 2014, 2:41 AM

Assuming you have disable DHCP server from the virtualbox general settings on host-only network and run DHCP from pfsense LAN host only interface, you have two host-only interface on pfsense with the same name, vboxnet0, would this cause the problem? since the same interface has two subnets (although it overlaps).

another thing is, your FQDN should reflect the public IP of your pfsense WAN.

developej · Mar 11, 2014, 7:05 PM

DHCP in settings for host-only adapter is turned off, but it is on in pfSense, yes. I will try to play with that when I get some time (day or two) and see what comes up…
Thanks for your help till now, I'll report results.

edit: yes, you were right, two host-only interfaces were the problem...thanks again