PfSense 2.3.2-RELEASE1 Port Forward not Working

Jonatino

I'm trying to forward port 43594 to my local ip 192.168.0.49. I've added a NAT and rule for the port but I'm still not able to recieve connections. I've restarted my PfSense box and my own computer and still no luck.

Here is the NAT rule:

Here is the firewall rule

And here is what Diagnostics->States show for port 43594

Any idea why traffic is being blocked?

Thanks!

viragomann

Maybe the access is blocked on the PC.
Or pfSense is not the default gateway on it.

Diagnostic > Packet Capture could give you more information. Select the internal interface and filter on the port 43594 and start it to see if you get a response from the computer.

Jonatino

@viragomann:

Maybe the access is blocked on the PC.
Or pfSense is not the default gateway on it.

Diagnostic > Packet Capture could give you more information. Select the internal interface and filter on the port 43594 and start it to see if you get a response from the computer.

Here is what I get in packet capture.

viragomann

So you see in the capture that the packets are forwarded to 192.168.0.49 and that it is responding. You should also see this responses on WAN interface, but translated to the WAN address.

johnpoz

Did you mess with the outbound nat tab and change it from auto??

What does the sniff on your wan say?

elvaquero

I have a very similar problem, so let me piggyback here. This is my NAT port-forward and rule:

WAN TCP * * WAN address 8989 192.168.1.28 8989 sonarr

0/2 KiB  IPv4 TCP * * 192.168.1.28 8989 * none NAT sonarr

If I access through the local IP the service responds, but when I try the WAN interface it times out the connection.

This is the packet capture running on LAN, filtered for port 8989:

17:06:20.526588 IP 192.168.1.235.61414 > 93.123.118.235.8989: tcp 0
17:06:20.526707 IP 192.168.1.235.61415 > 93.123.118.235.8989: tcp 0
17:06:20.777814 IP 192.168.1.235.61416 > 93.123.118.235.8989: tcp 0
17:06:23.526843 IP 192.168.1.235.61415 > 93.123.118.235.8989: tcp 0
17:06:23.526860 IP 192.168.1.235.61414 > 93.123.118.235.8989: tcp 0
17:06:23.778443 IP 192.168.1.235.61416 > 93.123.118.235.8989: tcp 0

There's absolutely nothing when running on WAN. I haven't changed anything in outbound NAT.

Any ideas please?

KOM

Are you testing from LAN or from outside via WAN?

It would be best if you start your own thread instead of hijacking this one.  Your problems may or may not be related.

https://doc.pfsense.org/index.php/Port_Forward_Troubleshooting

johnpoz

192.168.1.235.61414 > 93.123.118.235.8989

Looks like your testing from inside your lan trying to hit your public IP to get reflected back in.. Nat reflection, that has nothing to do with normal port forwarding.  Did you enable nat reflection?

If your box on 192.168.1.235 wants to talk to 192.168.1.28, why would it send traffic to 93.x.x.x?  I would have to assume both of those devices are on the same /24 ie 192.168.1 so why would you not just talk to the .235 direct.