Torrent doesn't work



  • Hello,

    I am not able to use uTorrent since I configured my pfsense.

    Here my informations

    Router –------------- 192.168.8.50
    PFSense WAN -------192.168.8.11
    PFsense LAN --------192.168.1.1 (IP I use to access to my pfsense)
    MyPC ------------------192.168.1.3 (where I would use utorrent)

    • First off I need to make a port forwarding in the router to the Wan interface on the Pfsense Box. DONE (I am sure it works)
    • Secondly I need to create 2 Nat rules and associated Firewall rules to allow incoming and outgoing Traffic to the torrent client and I used Utorrent's built-in port checker to test the port.

    You can see the attachments for my configuration.

    Please could you help me to find my mistake?

    Thank you in advace.










  • Put you router in bridge mode so that pfSense receives external WAN IP.  You are ding double NAT, which makes port forwarding and general troubleshooting much more complex.



  • Utorrent works for me with port forwarding only (1st rule in 2nd screenshot). You must select TCP/UDP, instead of just TCP, because torrent traffic is mostly UDP.



  • I do double NAT because of my ISP, and I just put PFSense in the DMZ. All traffic is forwarded by default.



  • Thank you all.

    @Harvy66 and macboy6        Yes the same for me, because of my ISP I cannot do it

    @ pf3000 I thougt that, I retried right now unfortunately doesn't help.

    For double check I removed everything and I unabled the second Rule showed in the 3rd screenshot (wich is disabled as you can see) and ofcourse it works but in this way I can understand that the problem is on my pfsense and not on my router.

    Any other ideas are welcomed



  • @pf3000:

    Utorrent works for me with port forwarding only (1st rule in 2nd screenshot). You must select TCP/UDP, instead of just TCP, because torrent traffic is mostly UDP.

    I read better now, sorry, so you mean to remove the rules(WAN LAN) and leave alone the 1st port forwarding? I try and I'll let you know. I hope it'll work.



  • It did not work, no luck.

    any other suggestion?

    Thank you



  • Hi, I did't figure out what's wrong.

    Is there a way to get help from wireshark?

    It works only if I enable this following Rule, and I don't want to.

    –------------------------------------------------------Rules (LAN)-------------------------------------------------------------------

    Protocol   Source Port   Destination Port   Gateway Queue Schedule Description Actions

    IPv4 *     *         *             *                 *   *                 none

    How could I manage this issue?

    Thanks in advance



  • Have you verified that your ports are open and that you're able to see the traffic coming in on the WAN and the same traffic hitting your LAN?



  • @Harvy66:

    Have you verified that your ports are open and that you're able to see the traffic coming in on the WAN and the same traffic hitting your LAN?

    I tried from outside through out this website http://www.yougetsignal.com/tools/open-ports/ it says that the port is closed, I disabled the router's firewall for a while, nothing it results always closed, but even though it results closed when I enable that rule I wrote previosly, uTorrent works fine, something isn't clear to me.

    On the other hand if I try with telnet I am able to connect only to the LAN IP on that specific port, it fails to the Router IP, it fails to the Public esternal IP.

    Is there something else I can do to troubleshoot. I have installed wireshark, I am honest I don't know how to use it, could you help?

    Thank you for your patience



  • It's because you have a router in front of pfsense and you need to setup a NAT forward from there. This is why you should make sure you can put your cable modem into brigde mode so pfsense is assigned external WAN IP.



  • @macboy6:

    It's because you have a router in front of pfsense and you need to setup a NAT forward from there. This is why you should make sure you can put your cable modem into brigde mode so pfsense is assigned external WAN IP.

    It is, I have got a Modem/Router from my ISP (very poor stuff) but it manages also the Voip, the GUI it is very simple it doesn't give me the possibility to set it in Bridge mode, I can do port mapping though ( I guess is the same of NAT forward and I already forwarded that port) I even disabled the embedded firewall. I try to follow your thoght, but can you explain why if I enable the rule I mentioned before uTorrent works, so that means if I set properly the NAT and the Rules on my PfSense everything should work. Isn't it? That means also that the packets are passing throug out the ISP's Modem/Router. Sorry if I am repetitive but I want to make sure I understood what you said.

    Thank you a lot



  • Does it have an option to assign DMZ to a device? That's what I do.



  • @Harvy66:

    Does it have an option to assign DMZ to a device? That's what I do.

    Unfortunately it doesn't have it, I asked my ISP too. I browsed all items in all his menu. Nothing it seems it is their policy, they do not want to, don't ask me why, I don't know.

    Now I am enabling the rule that makes it work only when I need it.



  • If the any/any rule you posted makes it work, then that means at least NAT is working.

    Check the configuration settings of uTorrent itself, by default it will randomize the port it listens on.
    You may also look at enabling uPnP, uTorrent is pretty good about using uPnP. Also, as a side note, for troubleshooting pfSense uPnP, uTorrent is good for that as well because it plays nicely with pfSense's implementation.

    Also, NATing does not imply allowing access with a rule. For example, I have an old NAT rule for a TS3 server I hosted for a short while, however, after moving to a proper hosted service, the firewall rule itself that allows that access has been disabled, the NAT is still there, but the rule that allowed it is disabled. So if i spun that TS3 server up again, it would never work until I re-enabled the access rules.



  • @rudger_wolvram:

    If the any/any rule you posted makes it work, then that means at least NAT is working.

    Check the configuration settings of uTorrent itself, by default it will randomize the port it listens on.
    You may also look at enabling uPnP, uTorrent is pretty good about using uPnP. Also, as a side note, for troubleshooting pfSense uPnP, uTorrent is good for that as well because it plays nicely with pfSense's implementation.

    Also, NATing does not imply allowing access with a rule. For example, I have an old NAT rule for a TS3 server I hosted for a short while, however, after moving to a proper hosted service, the firewall rule itself that allows that access has been disabled, the NAT is still there, but the rule that allowed it is disabled. So if i spun that TS3 server up again, it would never work until I re-enabled the access rules.

    Exactly, I am sure the NAT is working for that reason.

    About uTorrent the option to randomize the port is disabled I've just double checked, and the 2 option "UPnP" and "NAT-PMP" are enabled.

    If I got what you mean, the rules say the last word, let's say so. Hence I need to create a rule that will not be so OPEN as it is the any/any rule that I am using.


Log in to reply