4. PfSense 2.3.2-RELEASE1 Port Forward not Working

PfSense 2.3.2-RELEASE1 Port Forward not Working

  • J

    I'm trying to forward port 43594 to my local ip 192.168.0.49. I've added a NAT and rule for the port but I'm still not able to recieve connections. I've restarted my PfSense box and my own computer and still no luck.

    Here is the NAT rule:

    Here is the firewall rule

    And here is what Diagnostics->States show for port 43594

    Any idea why traffic is being blocked?

    Thanks!

    0
  • V

    Maybe the access is blocked on the PC.
    Or pfSense is not the default gateway on it.

    Diagnostic > Packet Capture could give you more information. Select the internal interface and filter on the port 43594 and start it to see if you get a response from the computer.

    0
  • J

    @viragomann:

    Maybe the access is blocked on the PC.
    Or pfSense is not the default gateway on it.

    Diagnostic > Packet Capture could give you more information. Select the internal interface and filter on the port 43594 and start it to see if you get a response from the computer.

    Here is what I get in packet capture.

    0
  • V

    So you see in the capture that the packets are forwarded to 192.168.0.49 and that it is responding. You should also see this responses on WAN interface, but translated to the WAN address.

    0
  • LAYER 8 Global Moderator

    Did you mess with the outbound nat tab and change it from auto??

    What does the sniff on your wan say?

    0
  • E

    I have a very similar problem, so let me piggyback here. This is my NAT port-forward and rule:

    WAN TCP * * WAN address 8989 192.168.1.28 8989 sonarr

    0/2 KiB  IPv4 TCP * * 192.168.1.28 8989 * none NAT sonarr

    If I access through the local IP the service responds, but when I try the WAN interface it times out the connection.

    This is the packet capture running on LAN, filtered for port 8989:

    17:06:20.526588 IP 192.168.1.235.61414 > 93.123.118.235.8989: tcp 0
    17:06:20.526707 IP 192.168.1.235.61415 > 93.123.118.235.8989: tcp 0
    17:06:20.777814 IP 192.168.1.235.61416 > 93.123.118.235.8989: tcp 0
    17:06:23.526843 IP 192.168.1.235.61415 > 93.123.118.235.8989: tcp 0
    17:06:23.526860 IP 192.168.1.235.61414 > 93.123.118.235.8989: tcp 0
    17:06:23.778443 IP 192.168.1.235.61416 > 93.123.118.235.8989: tcp 0

    There's absolutely nothing when running on WAN. I haven't changed anything in outbound NAT.

    Any ideas please?

    0

  • Are you testing from LAN or from outside via WAN?

    It would be best if you start your own thread instead of hijacking this one.  Your problems may or may not be related.

    https://doc.pfsense.org/index.php/Port_Forward_Troubleshooting

    0
  • LAYER 8 Global Moderator

    192.168.1.235.61414 > 93.123.118.235.8989

    Looks like your testing from inside your lan trying to hit your public IP to get reflected back in.. Nat reflection, that has nothing to do with normal port forwarding.  Did you enable nat reflection?

    If your box on 192.168.1.235 wants to talk to 192.168.1.28, why would it send traffic to 93.x.x.x?  I would have to assume both of those devices are on the same /24 ie 192.168.1 so why would you not just talk to the .235 direct.

    0
Log in to reply
 

Products

Applications

Support

Services

News

Resources

Company

Our Mission

As host of the pfSense open source firewall project, Netgate believes in enhancing network connectivity that maintains both security and privacy. We also believe everyone should be able to afford it.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive for past announcements.

© Copyright 2002 - 2019 Rubicon Communications, LLC | Privacy Policy