Trouble with port forwarding
-
My pfSense is behind a Unifi USG. I'm using the pfSense to move traffic from one of my subnets over a PIA VPN. There are some things that aren't playing nice with the VPN. I've figured out how to route websites that are blocked, but I can't quite figure out port forwarding from inside my network. I'm new to advanced firewalls and pfSense, and I'm not quite sure if this is a NAT, firewall or both issue.
Specifically I need port 80 and 443 for the remote access website on my server. Since it's not working with the VPN I think I need to both open the ports and send them through my ISP instead of the VPN. I've tried putting rules in NAT/Port Forward and in everything but Floating under LAN. What am I missing?
-
Erm, if you are double-NATed behind another firewall, you need to do port-forwarding there in the first place.
-
Sorry, I forgot to mention that the ports are forwarded there already. It works fine going straight to the USG, but I haven't gotten it to work with the server going through the pfSense box with the ports forwarded to it.
-
So just to clarify, please correct me if I'm wrong:
You have a webserver which you're trying to access remotely through a VPN.
Is the VPN server being hosted on your side, or are you a client? (Are connections coming TO you, or are connections being made FROM you to a VPN provider?) It sounds like you're using a VPN provider, but I need clarification.
Scenario 1:
If you're hosting the VPN server, you'll need to make sure that firewall rules are matching, and that you allow access through your VPN config.
Scenario 2:
If your pfSense box is connecting to a VPN provider, you need to make sure your provider allows Port Forwarding. Depending on the VPN provider's setup (some generate a port for you to use at random, others allow a static port assigned to your user), this may require custom scripting on your end.