4. Can't forward port

Can't forward port

  • A

    Version 2.3.4-RELEASE-p1 (amd64)
    FreeBSD 11.01 bhyve VM
    Trying to open 32400 for Plex.
    NAT enabled for Plex LAN IP
    Server's ports are open:

    Proto Recv-Q Send-Q Local Address          Foreign Address        State      PID/Program name
    tcp        0      0 0.0.0.0:32400          0.0.0.0:*              LISTEN      3551/Plex Media Ser

    pf can see port open: Port test to host: 10.10.10.33 Port: 32400 successful.

    External port test fails: Port 32400 Timed-Out

    Any ideas?

    Thanks!


    0

  • Have you added the required firewall rule to allow the traffic?  The NAT only defines it.  Have you gone through these?

    https://doc.pfsense.org/index.php/How_can_I_forward_ports_with_pfSense

    https://doc.pfsense.org/index.php/Port_Forward_Troubleshooting

    0
  • A

    @KOM:

    Have you added the required firewall rule to allow the traffic?  The NAT only defines it.  Have you gone through these?

    https://doc.pfsense.org/index.php/How_can_I_forward_ports_with_pfSense

    https://doc.pfsense.org/index.php/Port_Forward_Troubleshooting

    Yes, I have.

    In fact I've later on for testing moved the server to a spare public IP, created a 1-to-1 to it's LAN IP, WAN rules to forward the port to that IP. The server connected, but can't see the IPs, so it might be something on the FreeBSD host interface configuration.

    Moving pf to a bare metal box to by-pass any FreeBSD host configuration.

    0
  • LAYER 8 Global Moderator

    what??  You went through the troubleshooting doc and did a sniff showing the traffic hitting pfsense wan and then being forwarded on?  When does it fail?  Post up your wan rules that should of been created when you created your port forward.

    Yes you have to worry about any host firewalls running.. Its quite possible that host blocks traffic from outside its own segment, etc.

    0
  • A

    @johnpoz:

    what??  You went through the troubleshooting doc and did a sniff showing the traffic hitting pfsense wan and then being forwarded on?  When does it fail?  Post up your wan rules that should of been created when you created your port forward.

    Yes you have to worry about any host firewalls running.. Its quite possible that host blocks traffic from outside its own segment, etc.

    Let me clarify :)

    Yes, added the firewall rule to NAT the port and did the troubleshoot. Nothing hitting my WAN as far as I can see. Moved pf out of the VM today to test again and same results. Either I don't know how to see the logs or nothing is hitting my WAN on that port.

    All other ports are working fine, but they are on 1-to-1 NAT from Public IPs to LAN IPs. I'm moving Plex to an spare public IP to see.

    0
  • A

    FOUND IT!

    For future reference, u-verse 5268AC has a firewall at IP level under LAN IP Address Allocation. Disabled it and pf took over.

    ![uverse firewall.png](/public/imported_attachments/1/uverse firewall.png)
    ![uverse firewall.png_thumb](/public/imported_attachments/1/uverse firewall.png_thumb)

    0
 

Products

Applications

Support

Services

News

Resources

Company

Our Mission

As host of the pfSense open source firewall project, Netgate believes in enhancing network connectivity that maintains both security and privacy. We also believe everyone should be able to afford it.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive for past announcements.

© Copyright 2002 - 2019 Rubicon Communications, LLC | Privacy Policy