New to pfsense need help on port forwarding

extsuba

I am new to pfsense and I followed the setup at http://doc.pfsense.org/index.php/Port_Forward_Troubleshooting
but it did not work
my config is:
nat rule all default
WAN  TCP  80 (HTTP)  192.168.1.124
(ext.: 66.69.13.205)  80 (HTTP)

WAN  TCP  443 (HTTPS)  192.168.1.124
(ext.: 66.69.13.205)  443 (HTTPS)

WAN  TCP  4125  192.168.1.124
(ext.: 66.69.13.205)  4125

firewall rules

TCP  *  *  192.168.1.124  80 (HTTP)  *    NAT 
TCP  *  *  192.168.1.124  443 (HTTPS)  *    NAT   
TCP  *  *  192.168.1.124  4125  *    NAT

This is all for a windows home server box that needs port 80 / 443 / 4125

I run the check status on the home server that test these ports outside and its a no go on anything

GruensFroeschli

Could you elaborate on the setup?
What's in front of the pfSense?
How did you test "it's not working"?
Did you disable the firewall on the windows box?
Did you change the webgui to something else than port 80 and 443? (since you want to forward them)

kapara

Are you using static IP or dynamic on WAN?  Do you have a range of useable IP's.  Might need VIP's.

Also via SSH look at logs to see if there is any rules blocking traffic to that internal IP.

nocer

Hello,

That should work. I also have configured 80/443 to my severs as you did and just fine. Can you install wireshark things on the home server box(suppose it's Windows') to monitor that the pfSense really doesn't forward packets to the desired ports? Or do you have firewall enabled on the server box?

cheers,

extsuba

Setup is:

Internet–----Dynamic ip ---------Modem---------NIC 0 for wan pfsense nic 1 for lan------------patch pannel---------network switch---------network
1: what ever the dhcp address is on units it dont want to change i just plug in in on tcp/ip which the server is static sort of but have default of getting address and dns on auto
2: the current config works just fine with linksys router inplace of the pfsense
3: Windows home server can check to see if the pc can except incomming connections and rdp sessions
4: All firewalls are disabled on all boxes
5: even a fresh istall/factory reset of pfsense does not work -
6: do I move pfsense to different web port as aell as ssl for access and how to i do that
I would rather use pfsense than the linksys but it makes no sense why it does not work - I do the same steps on the linksys and its a go
THanks

AhnHEL

When you use the Linksys, is UPnP enabled on it?

extsuba

no it is not

kapara

Are you able to access internet when using pfSense? (Outbound Traffic)

Did you check the real time log via console or SSH to see if the traffic is hitting the pfSense firewall?  Watch the log and ask a friend to try to ping or access resources via your WAN IP.

You can also tell your rules to log and then check the firewall log to see if your friends IP is listed as blocked or allowed.

jahonix

Have you defined a firewall rule on LAN to allow your WHS to access the internet at all?
Are you sure your WHS has the internal IP 192.168.1.124?

Mine is working fine with these settings.
Except for port 4125 which I don't use. That's the RDP proxy, right?

extsuba

all systems on pf sense can access the internet just fine -
And it has the correct ip from dhcp which i plug in my self after all functions are working.

extsuba

Where do I find nat reflection i can not see it anywhere….would that help??

AhnHEL

You can try.

System/Advanced

At bottom of page under Network Address Translation

Disable NAT Reflection

Uncheck box