Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Port forward for both LAN and WAN in one rule

    Scheduled Pinned Locked Moved NAT
    3 Posts 2 Posters 496 Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • M
      mamsds
      last edited by

      Let's say the WAN IP of pfSense is 172.217.2.35 and the LAN IP of pfSense is 192.168.0.1
      I have two PCs behine pfSense:
      PC1's LAN IP: 192.168.0.100;
      PC2's LAN IP: 192.168.0.101;
      I have one more PC (PC3) outside the LAN whose IP is 52.84.122.57
      PC1 is running an SSH Server on port 22. I added an NAT rule like this:

      After applying the above-mentioned rule, I can access PC1 using the following command at PC3:
      ssh admin@172.217.2.35 -p 22
      However, this command wouldn't work on PC2. I think it is because both PC1 and PC2 are in the same LAN and thus the rule somehow doesn't apply.

      So I tried to create a second rule:

      Now both PC2 and PC3 work.

      But I think this setting is a little bit awkward. Would there be any possibility that I can combine these two rules into one? (as I remember Sophos' UTM allows users to apply one rule to both interfaces, but it appears that pfSense doesn't work this way and one rule can only apply to either WAN or LAN?)

      Thanks~

      1 Reply Last reply Reply Quote 0
      • GrimsonG
        Grimson Banned
        last edited by

        RTFM: https://doc.pfsense.org/index.php/Why_can%27t_I_access_forwarded_ports_on_my_WAN_IP_from_my_LAN/OPTx_networks

        1 Reply Last reply Reply Quote 0
        • M
          mamsds
          last edited by

          it works! Thanks anyway.

          1 Reply Last reply Reply Quote 0
          • First post
            Last post
          Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.