Trouble with port forwarding
My pfSense is behind a Unifi USG. I'm using the pfSense to move traffic from one of my subnets over a PIA VPN. There are some things that aren't playing nice with the VPN. I've figured out how to route websites that are blocked, but I can't quite figure out port forwarding from inside my network. I'm new to advanced firewalls and pfSense, and I'm not quite sure if this is a NAT, firewall or both issue.
Specifically I need port 80 and 443 for the remote access website on my server. Since it's not working with the VPN I think I need to both open the ports and send them through my ISP instead of the VPN. I've tried putting rules in NAT/Port Forward and in everything but Floating under LAN. What am I missing?
Erm, if you are double-NATed behind another firewall, you need to do port-forwarding there in the first place.
Sorry, I forgot to mention that the ports are forwarded there already. It works fine going straight to the USG, but I haven't gotten it to work with the server going through the pfSense box with the ports forwarded to it.
So just to clarify, please correct me if I'm wrong:
You have a webserver which you're trying to access remotely through a VPN.
Is the VPN server being hosted on your side, or are you a client? (Are connections coming TO you, or are connections being made FROM you to a VPN provider?) It sounds like you're using a VPN provider, but I need clarification.
If you're hosting the VPN server, you'll need to make sure that firewall rules are matching, and that you allow access through your VPN config.
If your pfSense box is connecting to a VPN provider, you need to make sure your provider allows Port Forwarding. Depending on the VPN provider's setup (some generate a port for you to use at random, others allow a static port assigned to your user), this may require custom scripting on your end.