How to open ports in pfsense 2.5.1 ???

KOM

@firefox Yes. When doing your NAT testing, it's always best to test from outside your network.

firefox

@kom
what is NAT testing, ?
and how do i test it

KOM

@firefox Port-forwards are used to allow external clients to reach and use internal services. You have port 5662 forwarded from your WAN to a server at 192.168.1.2. That server is running some service that listens on that port. NAT testing isn't some official term, it just means to test your port-forward to make sure it's working. How to test it? That depends. Amule is a P2P app, so you would have to offer up some unique content from your server and then try to connect to your server from outside your network with an amule client.

firefox

@kom
I get a message that the udp ports are closed
That it's weird that the tcp port is open
And I made exactly the same settings

SundarNET 0

you have to forward the ports everywhere in your modem to pfsense then from pfsense to device but if you have multiwan then you need a different version of pfsense as port forwarding in version 2.5.1 is broken

KOM

@firefox TCP and UDP behave differently. UDP is stateless and you can't test if it's open or closed like you can with TCP.

@SundarNET-0 That is only the case if his modem is NATing his connection. Since he can see his open TCP port from outside his network, his modem must already be in bridged mode.

firefox

@kom

The modem is in bridge mode
Everything works now.

udp port Is connects but I get a message that it's behind a firewall

Only after 30 seconds does it switch to "connected"

Thanks

KOM

@firefox IIRC the aMule docs said something about port 5672 needing to be static.

From their FAQ:

4672 UDP (outgoing and incoming): Extended eMule protocol, Queue Rating, File Reask Ping, Kad. Kad will be 'firewalled' if NAT (Network Address Translation) remaps this port number.

By default pfSense uses dynamic source ports. You will need to create an outbound NAT rule that tells pfSense to use static port when talking to 5672/udp.

firefox

@kom
here ?

KOM

@firefox Well, that's the general area. Are you editing an existing rule or adding a new one? Btw you should select Hybrid mode at the top of the outbound NAT page and then add a new rule.

firefox

@kom

like this ?

KOM

@firefox Unless you actively use IPv6, I would set Address Family to IPv4 only. For Source, your address should be a /32 since it's just that one client. Source Port could be blank as that will match any traffic from that client going to port 5672. I don't know if aMule always goes 5672<->5672 or if they don't care about your source port as long as it doesn't change (static).

firefox

@kom
I added it and there was no change
So I deleted it

At the moment it works
does not bother me to wait another 30 seconds for it to appear that it is "connected"

Thanks