• Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login
Netgate Discussion Forum
  • Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login

Troubles port forwarding HTTPS

Scheduled Pinned Locked Moved NAT
5 Posts 2 Posters 3.0k Views
Loading More Posts
  • Oldest to Newest
  • Newest to Oldest
  • Most Votes
Reply
  • Reply as topic
Log in to reply
This topic has been deleted. Only users with topic management privileges can see it.
  • A
    alex17857
    last edited by Jan 11, 2017, 5:22 AM

    Hello,

    I have setup a pfsense server behind my home ADSL2+ router. I have to use the router as the WAN GW because I only have ADSL2+ available at my property and I need the modem to take the phone line in and turn it into usable ethernet.

    The router is on 192.168.1.1 (192.168.1.0/24) - internet gateway/network only
    The pfsense server is on 192.168.2.1 (192.168.2.0/24) - internal firewall/network

    I have given the pfsense server a static IP of 192.168.1.10 on the router/internet gateway and placed the IP 192.168.1.10 in a DMZ to forward all traffic to the pfsense server.

    I have two desktops connected to the pfsense server using DHCP. I also have a server connected to pfsense using a static IP (192.1682.54).

    I confirmed that NAT is working by port forwarding MS RDP (3389) to my desktop (192.168.2.15). I then accessed MS RDP using my public IP address and dynamic DNS address successfully.

    My problem is that I cannot access my ownCloud server over HTTPS using my public IP. The servers has a static IP address of 192.168.2.54 and I cannot for the life of me get port forwarding to work for HTTPS.

    Things I have tried:

    • Moving pfsense HTTPS port from 443 to 8081 in case there was a conflict
    • Disabling webConfigurator redirect rule
    • Using NAT reflection Disabled, Enable (Pure NAT), and Enable (NAT + Proxy)

    Something else to note (may or may not matter) is that I am running a squid proxy to help reduce bandwidth.

    I am new to pfsense I am not sure what else to try. I am hoping someone here can point me in the right direction :)

    Here are some screenshots that may help -

    1 Reply Last reply Reply Quote 0
    • D
      doktornotor Banned
      last edited by Jan 11, 2017, 9:54 AM

      So your WAN is RFC1918 and you are blocking private networks? Will never work. Plus, will never work even without blocking that unless you do the forwarding on the router if front of pfSense first.

      1 Reply Last reply Reply Quote 0
      • A
        alex17857
        last edited by Jan 11, 2017, 7:21 PM

        @doktornotor:

        So your WAN is RFC1918 and you are blocking private networks? Will never work. Plus, will never work even without blocking that unless you do the forwarding on the router if front of pfSense first.

        Thank you for your response. My pfsense server is configured in a DMZ on the internet gateway router as per my initial post. I have confirmed that this is working by configuring NAT for MS RDP. I have unblocked private networks as you suggested, however, I still cannot contact my web server :(

        1 Reply Last reply Reply Quote 0
        • D
          doktornotor Banned
          last edited by Jan 11, 2017, 7:25 PM

          Yeah, DMZ won't normally DMZ the webGUI port, otherwise you'd just get cut off. Bridge the DSL modem. Does not help? Check the ISP about 80/443 blocking.

          1 Reply Last reply Reply Quote 0
          • A
            alex17857
            last edited by Jan 11, 2017, 11:16 PM

            @doktornotor:

            Yeah, DMZ won't normally DMZ the webGUI port, otherwise you'd just get cut off. Bridge the DSL modem. Does not help? Check the ISP about 80/443 blocking.

            I feel really silly right now. I logged into the internet router (192.168.1.1) and noticed that port 443 was still configured for the servers old address prior to being moved to the pfsense network. I have removed the NAT config and left DMZ configured and everything works now.

            1 Reply Last reply Reply Quote 0
            5 out of 5
            • First post
              5/5
              Last post
            Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.
              This community forum collects and processes your personal information.
              consent.not_received