Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Nat rules

    Scheduled Pinned Locked Moved General pfSense Questions
    2 Posts 2 Posters 770 Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • D Offline
      datajumper
      last edited by

      ok  guys im sure you have seen all the post about people having issues with port forwarding
      i have read alot of them and watched alot of videos

      so at this point  so i dont blow my brains out  im going to prtend that i dont know anything

      can someone please give me detailed instructions  (  pretend that i am a noob  )  wich i kinda am on pfsense

      ok so once i figured out that port 443 wasnt forwarding after  i went to  firewall > nat > + sign > and created a new rule
      interface > wan  >prtocol > tcp/udp > source > left it alone  > Destination > any  > Destination port range 443 : 443 >
      redirect target ip >  my internal ip > redirect target port > 443 > description > https > nat reflection > system default

      filter rule association > create new associated filter rule > …..........

      and when i done a portscan " online "  i understand i am behind a firewall

      port 443 closed / isnt respnding

      so i done the same thing with port 22/ssh  and it worked like gangbusters !

      so why in the h*ll can i not get out on port 443 ??  i really dont understand
      i have read about dns split  blah blah  i have tried most of the tutorials out there 
      and a few times i had to reset back to factory defaults because i lost internet connection

      so please even i know a little bit about this treat me as if i know nothing  ( treat me like a baby )
      and please explain in the  most simplest  way possible
      to tell me how to port forward  port 443
      i have read the troubleshooting guide  ...i have read the port forward instructions
      so please i am  humbly asking for help
      thank you guys for being here  to help
      i look forward to your response  thanks in advance

      1 Reply Last reply Reply Quote 0
      • johnpozJ Offline
        johnpoz LAYER 8 Global Moderator
        last edited by

        "Destination > any  >"

        Well that is wrong..  Dest would be your wan address.

        so you read the troubleshooting doc..  And did you follow it or just read it.  First thing to do is make sure the traffic is actually getting to pfsense wan.  Pfsense can not forward something it does not ever see.

        How are you testing this?  You need to make sure your coming from outside pfsense..  Your not trying to hit your pfsense wan IP from inside pfsense are you - that would be nat reflection and can be problematic and should really just be avoided.  There is never really a valid scenario that it makes sense.

        this really is clickity clickity..  Create your foward and your done.  If something is not working you either did it wrong or the traffic is not even getting to pfsense.  You also need to check your firewall on the box listening on 443.  maybe pfsense sends it through and that firewall blocks it?  You sure the box is even listening on 443?  Can you access it from a host on your lan directly?

        The troubleshooting guide covers pretty much every scenario that could be a problem.

        Its possible your isp blocks 443 and or you have a nat in front of pfsense that you did not forward 443 to your pfsense wan IP, etc. etc..

        An intelligent man is sometimes forced to be drunk to spend time with his fools
        If you get confused: Listen to the Music Play
        Please don't Chat/PM me for help, unless mod related
        SG-4860 24.11 | Lab VMs 2.8, 24.11

        1 Reply Last reply Reply Quote 0
        • First post
          Last post
        Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.