Port forwarding frustrations
-
Hello I'd like to ask for you help since I been having some serious issues with pfsense for ages now.
I've been portforwarding for ages now but mostly on simple consumer routers. Although I can't get it to work on PFsense.
My set-up is the following:
Pfsense is installed on a virtual machine (vmware), it has 2 nics that are only accesible to the VM these act as the la,/wan port, all has been running a couple of months stably.
I recently upgraded to the latest version.For the port forwarding I followed every tutorial that i could find but only to find disappointingly little results.
I've setup 2 aliases, one of the server and one for the ports, I'll include screenshots.
Then I have created a linked rule in the nat and rules sections of the firewall.There are no further upstream/downstream issues as the server works fine and my isp blocks nothing, on other routers (dd-wrt) everything was fine and simple…
Here are the screenshots
Host alias as attachment 1
Port alias as attachment 2
Firewall: nat as attachment 3
Firewall: rules as attachment 4Any advice would be greatly appreciated, I'm lost in the maze that is PFsense
-
So you got a lot of ports in there.. Did you try just 1 port at a time? And then going through the troubleshooting doc for that 1 specific port if does not work?
https://doc.pfsense.org/index.php/Port_Forward_Troubleshooting
1 thing that jumps out me and would explain your issue is pfsense wan is not public, ie its behind a nat and you didn't forward your ports at nat in front of pfsense.. This is very common mistake. Your pfsense is running on virtual. What is wan IP?
-
Thanks for your reply
I'll try to make a port forward for a single port later today, but i have little hope of succeeding.
My WAN should be public however, Pfsense makes its own PPPOE connection to my isp, these is a modem between pfsense and my DSL provider so I think that should be fine.
-
Go through the checklist in the link above. Your problem almost certainly is listed there.
Just to eliminate #5, What are the first two numbers in your WAN IP address?
-
The first digits are 213.xxx.xxx.xxx
-
So go through the checklist and check everything no matter how silly it seems. Really check it all. Really.
-
So I provide the link, and derelict says check the list per provided link and he gets a thank you and get nothing - wtf? ;)