Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Forwarding ports?

    Scheduled Pinned Locked Moved NAT
    16 Posts 4 Posters 2.4k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • johnpozJ
      johnpoz LAYER 8 Global Moderator
      last edited by

      Your other IP is 192.168.3.1, do you have more than 1 lan segment?

      And have you gone through the doc I linked too - this is no brainer stuff to troubleshoot.  Did you sniff on your wan and the traffic is there, did you sniff on your lan and is the traffic sent?

      Are you trying to forward to the lan IP of your dd-wrt router?  And its also doing nat?  Draw out your network.

      An intelligent man is sometimes forced to be drunk to spend time with his fools
      If you get confused: Listen to the Music Play
      Please don't Chat/PM me for help, unless mod related
      SG-4860 24.11 | Lab VMs 2.8, 24.11

      1 Reply Last reply Reply Quote 0
      • C
        cmb
        last edited by

        @killmasta93:

        I will roll back to 2.1.5 to see if it works tonight and I will keep you posted if anything.

        Don't bother, that won't change anything. There's definitely nothing wrong with port forwards in any version.

        Go through the troubleshooting steps listed in the port forward troubleshooting document johnpoz linked. Try to connect from outside, go to Diag>States and filter on :8080. See it there? If not, packet capture on WAN filtering on port 8080. If so, what does the state look like?

        1 Reply Last reply Reply Quote 0
        • K
          killmasta93
          last edited by

          So here my setup the 192.168.1.1 is completely separate and has no contact with pfSense. Later tonight i will send the information

          Thank you

          Drawing1.png
          Drawing1.png_thumb

          Tutorials:

          https://www.mediafire.com/folder/v329emaz1e9ih/Tutorials

          1 Reply Last reply Reply Quote 0
          • K
            killmasta93
            last edited by

            hi so heres the screen shot of the ports
            Im just curious why it does not work for 8080 when i can forward on pfSense port 80 and 443 with no problem

            Thank you

            Capture.PNG
            Capture.PNG_thumb
            Capture2.PNG
            Capture2.PNG_thumb

            Tutorials:

            https://www.mediafire.com/folder/v329emaz1e9ih/Tutorials

            1 Reply Last reply Reply Quote 0
            • johnpozJ
              johnpoz LAYER 8 Global Moderator
              last edited by

              So what does a sniff show on the lan of pfsense - does it show it sending the traffic?  Does dd-wrt answer?  Looks like not answering to me.

              An intelligent man is sometimes forced to be drunk to spend time with his fools
              If you get confused: Listen to the Music Play
              Please don't Chat/PM me for help, unless mod related
              SG-4860 24.11 | Lab VMs 2.8, 24.11

              1 Reply Last reply Reply Quote 0
              • K
                killmasta93
                last edited by

                o snap i think your right..i just tried port 22 i unchecked pfSense ssh to test the port then I tick ssh then open the port it worked. Hmm…howcome ddwrt not answering? well..worst case just create a vpn and connect to ddwrt

                THANKS :)

                Tutorials:

                https://www.mediafire.com/folder/v329emaz1e9ih/Tutorials

                1 Reply Last reply Reply Quote 0
                • C
                  cmb
                  last edited by

                  The connections are in time wait, which means they were successful at the TCP level bidirectionally, so your port forwards are fine. I presume that's the web interface of the DDWRT, what did you see in a browser trying to browse to :8080 on your IP from outside?

                  1 Reply Last reply Reply Quote 0
                  • K
                    killmasta93
                    last edited by

                    i think i need to play with some iptables in ddwrt to make it listen on that port because WAN is disabled on ddwrt

                    Tutorials:

                    https://www.mediafire.com/folder/v329emaz1e9ih/Tutorials

                    1 Reply Last reply Reply Quote 0
                    • K
                      killmasta93
                      last edited by

                      o snap…port 80 is also ddwrt internally and 8080 wont work because its for the WAN and its disabled.

                      My 2 options are:

                      Change port 80 on pfSense which I really dont want to
                      or
                      find a way to change port 80 on ddwrt
                      OR
                      is it possible two devices running on the same port (80) be able to port forward (maybe crazy idea)  :P

                      Thanks

                      Tutorials:

                      https://www.mediafire.com/folder/v329emaz1e9ih/Tutorials

                      1 Reply Last reply Reply Quote 0
                      • D
                        doktornotor Banned
                        last edited by

                        There's really nothing preventing you from forwarding 8080 -> 80 or whatever. As a generic note, you'd better get HTTPS working everywhere. Sorry but sending firewall/router credentials in plaintext over internet is a very bad practice.

                        1 Reply Last reply Reply Quote 0
                        • johnpozJ
                          johnpoz LAYER 8 Global Moderator
                          last edited by

                          Why anyone would allow public access to their admin gui of anything is beyond me..  If you want to admin dd-wrt while your remote then vpn into pfsense and do it that way.  Then you don't have to forward anything either ;) This is way MORE secure..

                          An intelligent man is sometimes forced to be drunk to spend time with his fools
                          If you get confused: Listen to the Music Play
                          Please don't Chat/PM me for help, unless mod related
                          SG-4860 24.11 | Lab VMs 2.8, 24.11

                          1 Reply Last reply Reply Quote 0
                          • K
                            killmasta93
                            last edited by

                            Thanks johnpoz and doktornotor your completely right. Its better though VPN i guess i got used to ddwrt for a while didn't want to let it go.  :P Just trying to adapt more to pfSense now  :)

                            Thank you again

                            Tutorials:

                            https://www.mediafire.com/folder/v329emaz1e9ih/Tutorials

                            1 Reply Last reply Reply Quote 0
                            • First post
                              Last post
                            Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.