Problems with NAT
-
Hello All,
The Problem I am encountering regarding my NAT settings. I have 4 NAT conditions that do not seem to work.
For the sake of brevity the 4 rules are basically the same with the exception of different ports. Id like to focus on the first rule for remote access to my plex server, settings below:
I have tested the ports using the pfsense built in Test tool within the diagnostics menu to see if the port was open, it shows that it is.
Although, when I go to a website for further testing (canyouseeme.org), it fails with connection timed out. I am not sharing the snip because I do not want to redact my IP - if needed I will.
The machine the plex media server is running on has the following firewall rule directly associated with 32400 (UFW), see below:
General network configuration.
SB6190 (Comcast - FML) modem, to(ethernet) Pfsense router, to(fiber) core 10Gig switch, to(fiber) 10Gig Switch, to(fiber) Server.
I am able to access the server within my LAN (ports: 32400, 8096, and 8920) which leads me to conclude that my server UFW is configured correctly.FWIW the NAT rules for ports 8096, 8920, and 51001 all exhibit the same problems. However, the program that uses 51001 does appear to act correctly even though the remote test fails (canyouseeme.org) while the pfsense and app report correct functionality. I am not sure if this a irrelevant to my problem but I am trying to give as clear a picture as possible.
Moreover, the two NAT rules for Emby fail and I am not able to access the Emby server remotely - ironic that this problem led me down this rabbit hole.
I am sure I did something stupid and would appreciate any and all help.
If you need active snippets of my log, please provide parameters/directions and I will reply.
Cheers and happy New Year.
-
@samfisher06
Ensure that the destination machine on 192.168.1.70 does not block the access. Usually computer firewalls block access from outside of the own local subnet. -
I agree... I'd check that firewall rule on the server... the source is not likely 192.168.1.0/24 if the traffic is coming from the internet.
-
Thank you both. I knew I had missed something, Cheers.
To anyone else reading this.
on an ubuntu server hosting a service such as plex or emby the UFW entry I made was as follows:sudo ufw allow in on <your interface used> to any port 32400 proto <what the service protocol required> comment '< in this case its for plex, "plex Externa connection">'
Thank you very much again, please mark this as closed.