New to pfsense need help on port forwarding



  • I am new to pfsense and I followed the setup at http://doc.pfsense.org/index.php/Port_Forward_Troubleshooting
    but it did not work
    my config is:
    nat rule all default
    WAN  TCP  80 (HTTP)  192.168.1.124
    (ext.: 66.69.13.205)  80 (HTTP)

    WAN  TCP  443 (HTTPS)  192.168.1.124
    (ext.: 66.69.13.205)  443 (HTTPS)

    WAN  TCP  4125  192.168.1.124
    (ext.: 66.69.13.205)  4125

    firewall rules

    TCP  *  *  192.168.1.124  80 (HTTP)  *    NAT 
    TCP  *  *  192.168.1.124  443 (HTTPS)  *    NAT   
    TCP  *  *  192.168.1.124  4125  *    NAT

    This is all for a windows home server box that needs port 80 / 443 / 4125

    I run the check status on the home server that test these ports outside and its a no go on anything



  • Could you elaborate on the setup?
    What's in front of the pfSense?
    How did you test "it's not working"?
    Did you disable the firewall on the windows box?
    Did you change the webgui to something else than port 80 and 443? (since you want to forward them)



  • Are you using static IP or dynamic on WAN?  Do you have a range of useable IP's.  Might need VIP's.

    Also via SSH look at logs to see if there is any rules blocking traffic to that internal IP.



  • Hello,

    That should work. I also have configured 80/443 to my severs as you did and just fine. Can you install wireshark things on the home server box(suppose it's Windows') to monitor that the pfSense really doesn't forward packets to the desired ports? Or do you have firewall enabled on the server box?

    cheers,



  • Setup is:

    Internet–----Dynamic ip ---------Modem---------NIC 0 for wan pfsense nic 1 for lan------------patch pannel---------network switch---------network
    1: what ever the dhcp address is on units it dont want to change i just plug in in on tcp/ip which the server is static sort of but have default of getting address and dns on auto
    2: the current config works just fine with linksys router inplace of the pfsense
    3: Windows home server can check to see if the pc can except incomming connections and rdp sessions
    4: All firewalls are disabled on all boxes
    5: even a fresh istall/factory reset of pfsense does not work -
    6: do I move pfsense to different web port as aell as ssl for access and how to i do that
    I would rather use pfsense than the linksys but it makes no sense why it does not work - I do the same steps on the linksys and its a go
    THanks



  • When you use the Linksys, is UPnP enabled on it?



  • no it is not



  • Are you able to access internet when using pfSense? (Outbound Traffic)

    Did you check the real time log via console or SSH to see if the traffic is hitting the pfSense firewall?  Watch the log and ask a friend to try to ping or access resources via your WAN IP.

    You can also tell your rules to log and then check the firewall log to see if your friends IP is listed as blocked or allowed.



  • Have you defined a firewall rule on LAN to allow your WHS to access the internet at all?
    Are you sure your WHS has the internal IP 192.168.1.124?

    Mine is working fine with these settings.
    Except for port 4125 which I don't use. That's the RDP proxy, right?



  • all systems on pf sense can access the internet just fine -
    And it has the correct ip from dhcp which i plug in my self after all functions are working.



  • Where do I find nat reflection i can not see it anywhere….would that help??



  • You can try.

    System/Advanced

    At bottom of page under Network Address Translation

    Disable NAT Reflection

    Uncheck box


Locked