Netgate Discussion Forum

    Manual port forwards not working on 2.1.

      opjohnny

      This is on the ESXi host/pfSense VM in my sig.

      I have a Win7 x64 Ultimate VM on the same host, and last week I forwarded MS RDP (remote desktop) on it, which is port 3389, and that worked fine: the web port checker tool says it's open, and I can remote in to it no problem (and so can a friend).

      Today I tried to forward TCP/UDP 25000-25003 and 30000-30003 in order to host a 7 Days To Die server in that VM and those ports just won't open, and I'm pretty sure I have these set properly. I even deleted those new rules and mirrored the 3389 rule and changed the port numbers just to be sure. Even the firewall rules for these new port ranges match the firewall rule that was created for the 3389 port forward.

      NAT-

      WAN    TCP            *    *    WAN address    3389(MS RDP)    10.0.0.15    3389(MS RDP)
      WAN    TCP/UDP    *    *    WAN address    25000-25003    10.0.0.15    25000-25003
      WAN    TCP/UDP    *    *    WAN address    30000-30003    10.0.0.15    30000-30003

      Rules-

      IPv4 TCP            *    *    10.0.0.15    3389(MS RDP)    *    none
      IPv4 TCP/UDP    *    *    10.0.0.15    25000-25003    *    none
      IPv4 TCP/UDP    *    *    10.0.0.15    30000-30003    *    none

      I even tried making individual TCP and UDP rules and that still didn't work.  I'm still getting "port closed" when checking it from the web, and can't connect to the server from my main rig using external IP and localhost IP.  There is no other router on that network, and the firewall for that Win7 VM is disabled.

      Is there something wrong with my pfSense install or am I missing something here? If it matters, I do have snort installed, but I followed the basic setup instructions for it and have applied no rules, and my port checks from the web aren't being logged by snort, which means it should be the problem here (not to mention the fact my 3389 port forward still works).

      ETA:  Enabled logging on the firewall rule for 25000-25003 and this is what it showed every time I do a web port check for 25000…

      pass    Dec 30 20:47:40    WAN    198.199.98.246:47583    10.0.0.15:25000    TCP:S
      pass    Dec 30 20:47:40    WAN    198.199.98.246:47582    10.0.0.15:25000    TCP:S
      pass    Dec 30 20:47:40    WAN    198.199.98.246:47581    10.0.0.15:25000    TCP:S

      So according to that it should be working, but the port is still showing as closed?

      ETA: I just forwarded port 8080 (used for the game server control panel) and that worked right away. Wth, why can't I forward those other ports?

      pfSense Boxes-

      Celeron C1037U MiniPC(HDD, current)
      VIA C7 miniITX(HDD, retired)
      Firebox x750e(CF, retired)
      Dell PowerEdge 2950 w/ ESXi v5.5(Retired)
      Dell PowerEdge 860 w/ ESXi v5.5(Retired)
      Firebox x700(CF, for a coworker)

        johnpoz LAYER 8 Global Moderator

        You say you can not connect using "and localhost IP"

        That tells me the ports are not open where you are forwarding them, then. If you can not connect using the 10.0.0.15 IP, then it seems 10.0.0.15 is not even listening. Or it is running its own firewall preventing your access.

        An intelligent man is sometimes forced to be drunk to spend time with his fools
        If you get confused: Listen to the Music Play
        Please don't Chat/PM me for help, unless mod related
        SG-4860 24.11 | Lab VMs 2.8, 24.11

          opjohnny

          It turns out that I did have everything set up properly, but the server I was running was suffering an error in the background that I never noticed. I have everything working now; although the port still says blocked, I am able to connect to 10.0.0.15/25000. Just need to have a friend connect from the outside to test.


          1 Reply Last reply Reply Quote 0
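The check suggested in the reply above (the firewall log shows the SYN being passed, so the open question is whether 10.0.0.15 is listening) can be run from a LAN machine with a plain TCP connect test. This is an added example, not part of the original posts; the function names are made up here, and it covers TCP only, since a UDP port gives no handshake to confirm.

```python
import socket

# Internal host and port ranges taken from the thread; adjust for your network.
TARGET = "10.0.0.15"
RANGES = [(25000, 25003), (30000, 30003)]

def probe(host, port, timeout=2.0):
    """Classify one TCP port as seen from where this script runs.

    open     - handshake completed, so a process is listening
    closed   - connection refused (RST): host reachable, nothing listening
    filtered - timeout or unreachable: dropped by a firewall, or host down
    """
    s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    s.settimeout(timeout)
    try:
        s.connect((host, port))
        return "open"
    except ConnectionRefusedError:
        return "closed"
    except OSError:  # includes socket.timeout and "no route to host"
        return "filtered"
    finally:
        s.close()

def probe_ranges(host, ranges, timeout=2.0):
    """Probe every port in the inclusive (first, last) ranges."""
    return {p: probe(host, p, timeout)
            for first, last in ranges
            for p in range(first, last + 1)}

def diagnose(results):
    """Turn LAN-side results into the next place to look."""
    states = set(results.values())
    if states == {"open"}:
        return "service is listening; remaining problems are on the NAT/WAN side"
    if "filtered" in states:
        return "no reply from host: check the host firewall and that the VM is up"
    return "at least one port refused: the server process is not listening there"

if __name__ == "__main__":
    results = probe_ranges(TARGET, RANGES)
    for port, state in sorted(results.items()):
        print(f"{TARGET}:{port}/tcp {state}")
    print(diagnose(results))
```

A "closed" result from the LAN side combined with "pass" entries in the pfSense log points at the server process rather than the port forward.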
          Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.