Netgate Discussion Forum

    Opening 3 ports on multi WAN/multi LAN to one computer behind firewall

    • mikeee404

      If you only plan on connecting to these three ports through WAN1 then you can just create the NAT rules and forward those ports to the computer on your LAN. Just choose the correct WAN connection you want to use under "Interface" and it will work.

      You can create a rule for each WAN connection and forward them to the same LAN IP; then it will allow you to access the same PC from either WAN1's or WAN2's IP.

      • Oceanwatcher

        Last answer got lost when trying to save it. So I try again…

        I did not even think of using the NAT part and went straight for the rules section...

        Anyway, I set up a rule, but when I test via a net based testing tool if the port is open, the answer is always no.

        Will try to attach a screenshot here. I change the addresses, so it should be fine. Feel free to write all over it! Hmmm... Website here is crashing when I try to embed an image...

        Regards,

        Oceanwatcher
        2x SuperMicro 8core w/ 8 GB RAM running v. 2.3.1 - will eventually set them up with failover

        • mikeee404

          May sound like a dumb question, but have you verified that the port is open on the PC's firewall? Can't tell you how many times I went through all the complicated steps just to overlook what should have been first.

          • Oceanwatcher

            @mikeee404:

            May sound like a dumb question, but have you verified that the port is open on the PC's firewall? Can't tell you how many times I went through all the complicated steps just to overlook what should have been first.

            It is a very relevant question, but yes, I have verified it  :)

            Will try again to make a screenshot and find a way to post it.

            Regards,

            Oceanwatcher
            2x SuperMicro 8core w/ 8 GB RAM running v. 2.3.1 - will eventually set them up with failover

            • Oceanwatcher

              @Oceanwatcher:

              Last answer got lost when trying to save it. So I try again…

              I did not even think of using the NAT part and went straight for the rules section...

              Anyway, I set up a rule, but when I test via a net based testing tool if the port is open, the answer is always no.

              Will try to attach a screenshot here. I change the addresses, so it should be fine. Feel free to write all over it! Hmmm... Website here is crashing when I try to embed an image...

              Here is a link: http://tinyurl.com/natrules

              Regards,

              Oceanwatcher
              2x SuperMicro 8core w/ 8 GB RAM running v. 2.3.1 - will eventually set them up with failover

              • Derelict LAYER 8 Netgate

                Try changing the destination Type: in the NAT rule from "any" to "WAN address".

                Chattanooga, Tennessee, USA
                A comprehensive network diagram is worth 10,000 words and 15 conference calls.
                DO NOT set a source address/port in a port forward or firewall rule unless you KNOW you need it!
                Do Not Chat For Help! NO_WAN_EGRESS(TM)

                • Oceanwatcher

                  @Derelict:

                  Try changing the destination Type: in the NAT rule from "any" to "WAN address".

                  Thank you for the suggestion. Yes, that was the way it was in the beginning. And I changed it again now just to test. Still getting that the port is closed when testing it… (using a web based testing tool).

                  Seriously thinking about disabling WAN2 and testing without it to find out if it is the extra WAN that is causing problems.

                  I enabled ICMP on WAN just to test, and I got a ping answer when trying it from my home. But adding the same as a NAT rule and trying to get an answer from the PC does not work. I do get an answer from it if I am on the inside of the network using the private IP address...

                  Regards,

                  Oceanwatcher
                  2x SuperMicro 8core w/ 8 GB RAM running v. 2.3.1 - will eventually set them up with failover

                  • Derelict LAYER 8 Netgate

                    Need more details as to your config.  This stuff just works so without seeing your config it's impossible to know what's not right.  WAN interface, LAN interface, WAN Rules, LAN Rules, ipconfig /all (or equivalent) on the server, etc.

                    Anyway, I set up a rule, but when I test via a net based testing tool if the port is open, the answer is always no.

                    What does this testing tool do?  If it's a web page that tests your source IP address for an open port you might be egressing on the other WAN and screwing it up.

                    Chattanooga, Tennessee, USA
                    A comprehensive network diagram is worth 10,000 words and 15 conference calls.
                    DO NOT set a source address/port in a port forward or firewall rule unless you KNOW you need it!
                    Do Not Chat For Help! NO_WAN_EGRESS(TM)
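
Added example, not part of the thread: a web tool that tests the caller's source IP can end up checking the wrong WAN, so this script, run from a host outside the network, probes each WAN address by name and compares the result with what the tool reported. The WAN addresses, the three ports and the function names are constructed placeholders; substitute your own.

```python
import socket

# Constructed placeholders: substitute your own WAN addresses and forwarded ports.
WAN_ADDRS = {"WAN1": "198.51.100.10", "WAN2": "203.0.113.10"}
PORTS = [8001, 8002, 8003]

def probe(addr, port, timeout=3.0):
    """TCP-connect once: 'open', 'closed' (refused) or 'no-answer' (dropped/unreachable)."""
    try:
        with socket.create_connection((addr, port), timeout=timeout):
            return "open"
    except ConnectionRefusedError:
        return "closed"
    except OSError:  # includes timeouts: a silently dropped SYN ends up here
        return "no-answer"

def probe_forwards(wan_addrs, ports, timeout=3.0):
    """Probe every forwarded port on every WAN address, keyed by WAN name."""
    return {name: {port: probe(addr, port, timeout) for port in ports}
            for name, addr in wan_addrs.items()}

def diagnose(results, port, tool_says_open):
    """Compare direct probes with the verdict of a tool that tests the caller's source IP."""
    reachable = sorted(w for w, states in results.items() if states[port] == "open")
    if reachable and not tool_says_open:
        # The forward works; the tool most likely tested the address of the WAN
        # the request egressed on, not the one carrying the port forward.
        return "tool-tested-other-address", reachable
    if reachable:
        return "forward-ok", reachable
    # Nothing answers on any WAN: look at the NAT rule's interface and
    # destination, the WAN firewall rule, and the PC's own firewall.
    return "forward-not-working", reachable

if __name__ == "__main__":
    results = probe_forwards(WAN_ADDRS, PORTS)
    for port in PORTS:
        states = {wan: s[port] for wan, s in results.items()}
        print(port, states, diagnose(results, port, tool_says_open=False))
```

A `no-answer` on both WANs points at the firewall or NAT rules, while `closed` means something answered with a reset, which usually comes from the target host or a reject rule.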

                    • mikeisfly

                      What version of pfSense are you running? If it's 2.2 beta then I believe there is a problem there. I have had issues as well. If you are running 2.1.5 then it should be pretty straightforward.

                      • Wolf666

                        @mikeisfly:

                        If it's 2.2 beta then I believe there is a problem there. I have had issues as well. If you are running 2.1.5 then it should be pretty straightforward.

                        Exactly, we are waiting for the fix in 2.2beta.

                        Modem Draytek Vigor 130
                        pfSense 2.4 Supermicro A1SRi-2558 - 8GB ECC RAM - Intel S3500 SSD 80GB - M350 Case
                        Switch Cisco SG350-10
                        AP Netgear R7000 (Stock FW)
                        HTPC Intel NUC5i3RYH
                        NAS Synology DS1515+
                        NAS Synology DS213+
