Is it possible to port forward port 80 traffic that is sent to the wan interface
-
right now i have a port forward rule but it is not working. if i try to go to my public ip address from the LAN it takes me to the pfsense and gives me an error that something funny might be going on. If i try to access my external ip via port 80 it keeps churning and doesn't go any where.
So is it possible to run the 80 redirecting to 443 on the LAN interface as i will never need to access pfsense from outside.
-
https://doc.pfsense.org/index.php/Why_can%27t_I_access_forwarded_ports_on_my_WAN_IP_from_my_LAN/OPTx_networks
I suggest you set up "Method2: split DNS" since it is the cleaner solution to your problem.As for the port to run the webinterface on:
System –> Advanced
allows you to configure which protocol and which port to run the webinterface.
Best is to set it to https.
If you need port 443 to be forwarded, set the webinterface to something else as well (8443 is a port i often see in such a scenario). -
If you must use NAT reflection you should probably set the web interface on pfSense to HTTPS and a port other than 443 (like 8443) and check WebGUI redirect to disable that.
All of this is under System > Advanced
-
I don’t much care about accessing my website from the LAN which both the split DNS and NAT refers to. I just want the site to be public accessible but that is not working. So if any one connects to the WAN interface on port 80 I want them to be redirected to the internal web server on port 80 so a simple port forward should work but it is not.
-
Are you testing from outside or inside? If from outside you are testing the port forward. If testing from inside you are testing NAT reflection regardless of what you are or are not concerned about.
Post your port forward(s) and the associated firewall rule(s).
-
Nvm It worked from outside dunno wot the issue was though but it works now.
-
Yeah. That's item #6 here:
https://doc.pfsense.org/index.php/Port_Forward_Troubleshooting
The port 80 redirect to the web gui works completely differently for NAT reflection than with a port forward.