Forwarding port 80 did`t work
-
OK, so there is nothing listening on tcp/80 on pfsense that would conflict. Your WebGUI is definitely on tcp/444. Are you sure your http NAT rule is good?
-
-
OK, next is to start doing some small packet captured on WAN and LAN while making a request to your tcp/80 NAT. Again, always test from OUTSIDE your LAN. That may mean using your mobile phone or some other location like your work, or a VPN if you have one. Do your captures and then check them. Is WAN seeing the incoming request? Is LAN passing it to your web server?
-
I am testing from outside. I am just connected to the internal pc with teamviewer. If I am doing a port check from outsite from https://ping.eu/port-chk/ I got port 80 is closed. Funny thing is I have the same problem with port 5900.
If I check the webserver from a LAN computer its fine. I could connect to it. If I try to connect from outside I don`t have any entries at the firewall log from my wan ip here.
-
So do the packet capture like I said and see what it shows you. Perhaps your ISP blocks incoming tcp/80 traffic for consumer accounts?
-
I talked with the isp. They told me if I using the hardware in bridge mode nothing will be blocked from them. So it must something at the firewall. It`s the same with port 5900 also closed.
-
Well, every port should be "closed" if there is nothing listening on those ports on the firewall or being forwarded to LAN.
Go to Diagnostics - Packet Capture. Set it for WAN. Get ready to try and load your http server and then click Start. Hit the server. Click Stop. Either post the capture output here for me or someone else to look at or load it up in Wireshark and look at it yourself. If you post it here, obscure any public IP details. Look to see if WAN is seeing these http requests at all. Do the same thing but select LAN. See if pfSense is passing the packets on.
-
I don`t see any request at port 80. I see all the 443 access etc. I posted it here http://bit.ly/2OmMMft because Akismet is telling me its spam
-
Sorry, I should have told you to narrow the capture using the protocol and port fields. That said, if your WAN isn't seeing the tcp/80 traffic then something is blocking it before it gets to your WAN.
-
Thanks for your help. After a couple of calls with the ISP they found the problem on there site :)
-
@bchristopeit I have the same problem, how did you solve it?
-
OP hasn't been here since he posted that so I doubt he will reply.
He said he called his ISP, and they had configured something incorrectly. They probably flipped his modem into bridged mode.
-
@KOM Entiendo, muchas gracias
