Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    New to pfsense need help on port forwarding

    Scheduled Pinned Locked Moved NAT
    12 Posts 6 Posters 12.4k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • E
      extsuba
      last edited by

      I am new to pfsense and I followed the setup at http://doc.pfsense.org/index.php/Port_Forward_Troubleshooting
      but it did not work
      my config is:
      nat rule all default
      WAN  TCP  80 (HTTP)  192.168.1.124
      (ext.: 66.69.13.205)  80 (HTTP)

      WAN  TCP  443 (HTTPS)  192.168.1.124
      (ext.: 66.69.13.205)  443 (HTTPS)

      WAN  TCP  4125  192.168.1.124
      (ext.: 66.69.13.205)  4125

      firewall rules

      TCP  *  *  192.168.1.124  80 (HTTP)  *    NAT 
      TCP  *  *  192.168.1.124  443 (HTTPS)  *    NAT   
      TCP  *  *  192.168.1.124  4125  *    NAT

      This is all for a windows home server box that needs port 80 / 443 / 4125

      I run the check status on the home server that test these ports outside and its a no go on anything

      1 Reply Last reply Reply Quote 0
      • GruensFroeschliG
        GruensFroeschli
        last edited by

        Could you elaborate on the setup?
        What's in front of the pfSense?
        How did you test "it's not working"?
        Did you disable the firewall on the windows box?
        Did you change the webgui to something else than port 80 and 443? (since you want to forward them)

        We do what we must, because we can.

        Asking questions the smart way: http://www.catb.org/esr/faqs/smart-questions.html

        1 Reply Last reply Reply Quote 0
        • K
          kapara
          last edited by

          Are you using static IP or dynamic on WAN?  Do you have a range of useable IP's.  Might need VIP's.

          Also via SSH look at logs to see if there is any rules blocking traffic to that internal IP.

          Skype ID:  Marinhd

          1 Reply Last reply Reply Quote 0
          • N
            nocer
            last edited by

            Hello,

            That should work. I also have configured 80/443 to my severs as you did and just fine. Can you install wireshark things on the home server box(suppose it's Windows') to monitor that the pfSense really doesn't forward packets to the desired ports? Or do you have firewall enabled on the server box?

            cheers,

            1 Reply Last reply Reply Quote 0
            • E
              extsuba
              last edited by

              Setup is:

              Internet–----Dynamic ip ---------Modem---------NIC 0 for wan pfsense nic 1 for lan------------patch pannel---------network switch---------network
              1: what ever the dhcp address is on units it dont want to change i just plug in in on tcp/ip which the server is static sort of but have default of getting address and dns on auto
              2: the current config works just fine with linksys router inplace of the pfsense
              3: Windows home server can check to see if the pc can except incomming connections and rdp sessions
              4: All firewalls are disabled on all boxes
              5: even a fresh istall/factory reset of pfsense does not work -
              6: do I move pfsense to different web port as aell as ssl for access and how to i do that
              I would rather use pfsense than the linksys but it makes no sense why it does not work - I do the same steps on the linksys and its a go
              THanks

              1 Reply Last reply Reply Quote 0
              • AhnHELA
                AhnHEL
                last edited by

                When you use the Linksys, is UPnP enabled on it?

                AhnHEL (Angel)

                1 Reply Last reply Reply Quote 0
                • E
                  extsuba
                  last edited by

                  no it is not

                  1 Reply Last reply Reply Quote 0
                  • K
                    kapara
                    last edited by

                    Are you able to access internet when using pfSense? (Outbound Traffic)

                    Did you check the real time log via console or SSH to see if the traffic is hitting the pfSense firewall?  Watch the log and ask a friend to try to ping or access resources via your WAN IP.

                    You can also tell your rules to log and then check the firewall log to see if your friends IP is listed as blocked or allowed.

                    Skype ID:  Marinhd

                    1 Reply Last reply Reply Quote 0
                    • jahonixJ
                      jahonix
                      last edited by

                      Have you defined a firewall rule on LAN to allow your WHS to access the internet at all?
                      Are you sure your WHS has the internal IP 192.168.1.124?

                      Mine is working fine with these settings.
                      Except for port 4125 which I don't use. That's the RDP proxy, right?

                      1 Reply Last reply Reply Quote 0
                      • E
                        extsuba
                        last edited by

                        all systems on pf sense can access the internet just fine -
                        And it has the correct ip from dhcp which i plug in my self after all functions are working.

                        1 Reply Last reply Reply Quote 0
                        • E
                          extsuba
                          last edited by

                          Where do I find nat reflection i can not see it anywhere….would that help??

                          1 Reply Last reply Reply Quote 0
                          • AhnHELA
                            AhnHEL
                            last edited by

                            You can try.

                            System/Advanced

                            At bottom of page under Network Address Translation

                            Disable NAT Reflection

                            Uncheck box

                            AhnHEL (Angel)

                            1 Reply Last reply Reply Quote 0
                            • First post
                              Last post
                            Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.