Firewall NAT Port Forward Help
-
Hi guys,
Thanks for responding.
I take your point regarding telnet. Therefore, I will go with SSH.
So I need to SSH to a router via pfsense.
I might not be explaining myself well enough, but to be honest I assumed most people on this forum would have worked with Cisco routers, switches etc…
I can't be the first person asking this question.
I would like to remotely connect to a router that is behind my pfSense firewall. The router has the private address 192.168.1.3.
Clearly I can't SSH onto the router from the Internet to the private address. My pfSense firewall has a WAN address, say 74.65.78.12 and the router with the private address 192.168.1.3 sits behind the pfSense with the WAN ip address, 74.65.78.12.
I have configured the firewall:nat as shown in the image, but it doesn't work.
Can someone please help me.
Carlton
-
ahhhh
so your pfSense is not your router in this case ;D took some time…...In your screenshot there is no Redirect target port entered. You should enter SSH there to.
But even if you do that there is a possibility that your Router doesn't allow connections from any network(only local or known nets).
If that's the case, you should consult your router documentation. -
Joel
Thanks for responding.
May be the I didn't explain myself well as the other responders didn't come close to understanding what I am trying to achieve.
Anyway, I have added SSH to Redirect target port.
So, when I ssh to 74.65.78.12 should I be directed to 192.168.1.3?
If so, it doesn't work
-
Hi,
I have to appreciate that members here aren't too familiar with routers, therefore I'll provide another sample. This time I would like to RDP to a remote Windows Workstation, ip address 192.168.1.2, sitting behind my firewall
The pfSense firewall has an WAN ip address (not real) 74.75.89.1
I have configured the firewall NAT Porward Edit as shown in the image.
Can someone please tell me why this won't work…
-
Can someone please tell me why this won't work…
What's the corresponding firewall rule look like?
-
Derelict
See image for corresponding firewall
-
Oops
-
Should work fine. Does 192.168.1.2 default route back to pfSense? Does it allow inbound MSRDP from "unfriendly" networks?
-
Hi derelict
192.168.1.2 doesn't default to pfsense. However, I an RDP to from unfriendly networks.
I don't undersatnd - it should work
-
Well, the return traffic is going to go wherever the default route tells it to go. If that's not the router node with the NAT translation it's not going to work.
-
The ofsense LAN address is 192.168.1.1, the public address is 74.x.x.x. Are you saying that the default route on the Workstation should be 192.168.1.1?
-
Yes. If you want this to work it has to be.
-
Ok,
Going to get out of bed and try now..
Back in 5mins
-
Brilliant
That worked
Thanks Derelict