Navigation

    Netgate Discussion Forum
    • Register
    • Login
    • Search
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search

    Can't forward port

    General pfSense Questions
    3
    6
    352
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • A
      amello last edited by

      Version 2.3.4-RELEASE-p1 (amd64)
      FreeBSD 11.01 bhyve VM
      Trying to open 32400 for Plex.
      NAT enabled for Plex LAN IP
      Server's ports are open:

      Proto Recv-Q Send-Q Local Address          Foreign Address        State      PID/Program name
      tcp        0      0 0.0.0.0:32400          0.0.0.0:*              LISTEN      3551/Plex Media Ser

      pf can see port open: Port test to host: 10.10.10.33 Port: 32400 successful.

      External port test fails: Port 32400 Timed-Out

      Any ideas?

      Thanks!


      1 Reply Last reply Reply Quote 0
      • KOM
        KOM last edited by

        Have you added the required firewall rule to allow the traffic?  The NAT only defines it.  Have you gone through these?

        https://doc.pfsense.org/index.php/How_can_I_forward_ports_with_pfSense

        https://doc.pfsense.org/index.php/Port_Forward_Troubleshooting

        1 Reply Last reply Reply Quote 0
        • A
          amello last edited by

          @KOM:

          Have you added the required firewall rule to allow the traffic?  The NAT only defines it.  Have you gone through these?

          https://doc.pfsense.org/index.php/How_can_I_forward_ports_with_pfSense

          https://doc.pfsense.org/index.php/Port_Forward_Troubleshooting

          Yes, I have.

          In fact I've later on for testing moved the server to a spare public IP, created a 1-to-1 to it's LAN IP, WAN rules to forward the port to that IP. The server connected, but can't see the IPs, so it might be something on the FreeBSD host interface configuration.

          Moving pf to a bare metal box to by-pass any FreeBSD host configuration.

          1 Reply Last reply Reply Quote 0
          • johnpoz
            johnpoz LAYER 8 Global Moderator last edited by

            what??  You went through the troubleshooting doc and did a sniff showing the traffic hitting pfsense wan and then being forwarded on?  When does it fail?  Post up your wan rules that should of been created when you created your port forward.

            Yes you have to worry about any host firewalls running.. Its quite possible that host blocks traffic from outside its own segment, etc.

            1 Reply Last reply Reply Quote 0
            • A
              amello last edited by

              @johnpoz:

              what??  You went through the troubleshooting doc and did a sniff showing the traffic hitting pfsense wan and then being forwarded on?  When does it fail?  Post up your wan rules that should of been created when you created your port forward.

              Yes you have to worry about any host firewalls running.. Its quite possible that host blocks traffic from outside its own segment, etc.

              Let me clarify :)

              Yes, added the firewall rule to NAT the port and did the troubleshoot. Nothing hitting my WAN as far as I can see. Moved pf out of the VM today to test again and same results. Either I don't know how to see the logs or nothing is hitting my WAN on that port.

              All other ports are working fine, but they are on 1-to-1 NAT from Public IPs to LAN IPs. I'm moving Plex to an spare public IP to see.

              1 Reply Last reply Reply Quote 0
              • A
                amello last edited by

                FOUND IT!

                For future reference, u-verse 5268AC has a firewall at IP level under LAN IP Address Allocation. Disabled it and pf took over.

                ![uverse firewall.png](/public/imported_attachments/1/uverse firewall.png)
                ![uverse firewall.png_thumb](/public/imported_attachments/1/uverse firewall.png_thumb)

                1 Reply Last reply Reply Quote 0
                • First post
                  Last post

                Products

                • Platform Overview
                • TNSR
                • pfSense
                • Appliances

                Services

                • Training
                • Professional Services

                Support

                • Subscription Plans
                • Contact Support
                • Product Lifecycle
                • Documentation

                News

                • Media Coverage
                • Press
                • Events

                Resources

                • Blog
                • FAQ
                • Find a Partner
                • Resource Library
                • Security Information

                Company

                • About Us
                • Careers
                • Partners
                • Contact Us
                • Legal
                Our Mission

                We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

                Subscribe to our Newsletter

                Product information, software announcements, and special offers. See our newsletter archive to sign up for future newsletters and to read past announcements.

                © 2021 Rubicon Communications, LLC | Privacy Policy