Firewall rule to allow specific port over WAN interface.
-
You have it with that filter rule association at the bottom. If you look at firewall rules, WAN you should see a corresponding rule with "NAT Plex Server" as the description.
Are you testing from inside or outside?
-
-
Testing from inside will be problematic unless you connect to the inside address.
Testing from outside should work as long as the inside host has its default gateway set to pfSense and its firewall allows the connections from any IP address.
See Common problems: https://doc.pfsense.org/index.php/Port_Forward_Troubleshooting
-
This was the original rule I created when testing my Plex server which worked when I bypassed it from the VPN (PIA) so it was working when the server was solely using WAN. But I want to have the server behind the VPN but only allow just Plex to go out through WAN. I have pfSense set up so all connections go through PIA unless otherwise specified.
Here's a screenshot if this helps.
If you'd like me to post any other screenshots to help you let me know!
-
Testing from inside will be problematic unless you connect to the inside address.
Testing from outside should work as long as the inside host has its default gateway set to pfSense and its firewall allows the connections from any IP address.
See Common problems: https://doc.pfsense.org/index.php/Port_Forward_Troubleshooting
I know everything is set up correctly on the server side because it works when the server is not behind the VPN (I enable the firewall rule I created to bypass the VPN), then when I disable that rule (VPN up on the server) Plex cannot connect to the outside.
-
I don't think you're hearing me.
Connections from outside devices into WAN then port forwarded to 192.168.12.6 have NOTHING to do with any rules on LAN nor with outbound NAT.
Read all of those caveats regarding a WAN interface that is not the default gateway and make sure none apply to you. Like numbers 10 through 14. All that talk about reply-to is to ensure that traffic for the connection initiated from the outside is sent back out WAN, not some other gateway (like PIA).
Look hard at the configuration of the server at 192.168.12.10. Again referring to the link above and points 1 through 6.
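
The two failure modes discussed in this thread (the reply leaving through the VPN gateway instead of WAN, or the server never replying at all) can be told apart from a packet trace. The following is an added example, not part of any post in the thread; the record format, the interface names `wan0`/`lan0`/`ovpnc1`, the outside addresses and port 32400 are all constructed assumptions.

```python
import re
from collections import namedtuple

# Constructed sample records (not real capture output), one packet per line:
#   <interface> <in|out> <src_ip>:<port> > <dst_ip>:<port> <tcp flags>
SAMPLE = """\
wan0 in 203.0.113.50:51000 > 198.51.100.7:32400 S
lan0 out 203.0.113.50:51000 > 192.168.12.6:32400 S
lan0 in 192.168.12.6:32400 > 203.0.113.50:51000 SA
ovpnc1 out 10.8.0.2:32400 > 203.0.113.50:51000 SA
wan0 in 203.0.113.51:40000 > 198.51.100.7:32400 S
lan0 out 203.0.113.51:40000 > 192.168.12.6:32400 S
wan0 in 203.0.113.52:40500 > 198.51.100.7:32400 S
lan0 out 203.0.113.52:40500 > 192.168.12.6:32400 S
lan0 in 192.168.12.6:32400 > 203.0.113.52:40500 SA
wan0 out 198.51.100.7:32400 > 203.0.113.52:40500 SA
"""

LINE = re.compile(r"(\S+) (in|out) ([\d.]+):(\d+) > ([\d.]+):(\d+) (\S+)$")
Pkt = namedtuple("Pkt", "iface direction src sport dst dport flags")

def parse(text):
    pkts = []
    for line in text.splitlines():
        m = LINE.match(line.strip())
        if m:
            i, d, s, sp, t, dp, f = m.groups()
            pkts.append(Pkt(i, d, s, int(sp), t, int(dp), f))
    return pkts

def classify(text, wan_if, lan_if, port):
    """Map each outside client (ip, port) to what happened to its SYN-ACK."""
    pkts = parse(text)
    result = {}
    # Pass 1: every SYN that arrived on WAN for the forwarded port.
    for p in pkts:
        if p.iface == wan_if and p.direction == "in" and p.flags == "S" and p.dport == port:
            result[(p.src, p.sport)] = "no reply from server"
    # Pass 2: follow the SYN-ACK back towards that client.
    for p in pkts:
        key = (p.dst, p.dport)
        if key not in result or p.flags != "SA" or p.sport != port:
            continue
        if p.iface == lan_if and p.direction == "in" and result[key].startswith("no reply"):
            result[key] = "server replied, nothing left the firewall"
        elif p.direction == "out" and p.iface != lan_if:
            result[key] = "ok" if p.iface == wan_if else "reply left via " + p.iface
    return result
```

A "no reply from server" result points at the host (its firewall or default gateway), while "reply left via ..." points at the gateway selection on the firewall.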
-
then when I disable that rule (VPN up on the server) plex cannot connect to the outside
Connections from the plex server to the outside are handled by a completely different set of rules. Namely the ones on LAN and outbound NAT.
-
I don't think you're hearing me.
Connections from outside devices into WAN then port forwarded to 192.168.12.6 have NOTHING to do with any rules on LAN nor with outbound NAT.
Read all of those caveats regarding a WAN interface that is not the default gateway and make sure none apply to you. Like numbers 10 through 14. All that talk about reply-to is to ensure that traffic for the connection initiated from the outside is sent back out WAN, not some other gateway (like PIA).
Look hard at the configuration of the server at 192.168.12.10. Again referring to the link above and points 1 through 6.
Thanks, I understand what you're saying. I do not, however, understand 10-13 :(
-
It is probably the firewall on the Windows host running the Plex server. It probably does not allow connections from remote networks. Only connections it thinks are local.
PM me your public IP and I'll test from here.
-