Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    GUI for NAT

    Scheduled Pinned Locked Moved General pfSense Questions
    10 Posts 5 Posters 1.5k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • T
      tomli
      last edited by

      I assigned the below privilege for user operator. The user cannot view the NAT port forward ruleset
      0_1528587904468_19af273e-ae14-4bb1-838c-bc92c806a442-圖片.png

      admin:
      0_1528587957293_958393dc-6e5a-4267-a9e1-74bcbef4dec2-圖片.png

      operator:
      0_1528588001772_f6390392-ff37-4ece-935f-a112f47c852e-圖片.png

      I tested it in deference pfsense version 2.0 - 2.3. Is it a bug in pfsense GUI? Please advise.

      1 Reply Last reply Reply Quote 0
      • johnpozJ
        johnpoz LAYER 8 Global Moderator
        last edited by johnpoz

        What version of pfsense is that from? Operator is not a valid username currently

        Trying to duplicate your problem I get this
        That username is reserved by the system.

        I would suggest you run current version of pfsense and use a different username.

        If still having issue then can take a look.

        An intelligent man is sometimes forced to be drunk to spend time with his fools
        If you get confused: Listen to the Music Play
        Please don't Chat/PM me for help, unless mod related
        SG-4860 24.11 | Lab VMs 2.8, 24.11

        1 Reply Last reply Reply Quote 1
        • stephenw10S
          stephenw10 Netgate Administrator
          last edited by

          Yes you need to test in a current pfSense version. Preferably 2.4.3_1 but at least 2.3.5_2 if your hardware doesn't support 2.4.X.

          Steve

          1 Reply Last reply Reply Quote 0
          • T
            tomli
            last edited by

            I installed a new version 2.4.3 and created account tom for testing.

            0_1528679418418_95e32692-f426-4cf5-bc81-7a1b01bf7a27-圖片.png

            Admin:
            0_1528679489932_ff7dc128-133a-4053-8a7e-ca197d5b9766-圖片.png

            tom:
            0_1528679529940_a3e72af7-6bae-4e7f-8608-02baf8f88f9d-圖片.png

            Version 2.4.3_1 have the same issue.

            1 Reply Last reply Reply Quote 0
            • A
              ashima LAYER 8
              last edited by

              Also Add

              Webcfg - Firewall NAT : Port Forward (Edit)

              It should work

              1 Reply Last reply Reply Quote 0
              • T
                tomli
                last edited by

                We don´t want to grant edit priviliage for normal user/operator. Do you have other suggestions?

                Thanks.

                1 Reply Last reply Reply Quote 0
                • stephenw10S
                  stephenw10 Netgate Administrator
                  last edited by

                  I'm also seeing this. Not adding the edit page does not actually stop some edits though. For example you can see the outbound NAT rules without have the webcfg edit enabled and you can remove outbound NAT rules.

                  To prevent that user having edit privilege add the User - Config: Deny write property.

                  That does apply globally though.

                  Steve

                  1 Reply Last reply Reply Quote 0
                  • jimpJ
                    jimp Rebel Alliance Developer Netgate
                    last edited by

                    Confirmed here as well, I just opened https://redmine.pfsense.org/issues/8563 for it

                    Remember: Upvote with the 👍 button for any user/post you find to be helpful, informative, or deserving of recognition!

                    Need help fast? Netgate Global Support!

                    Do not Chat/PM for help!

                    1 Reply Last reply Reply Quote 0
                    • jimpJ
                      jimp Rebel Alliance Developer Netgate
                      last edited by

                      Should be OK on the next snaps/release.

                      https://github.com/pfsense/pfsense/commit/2e6167e71e7f6d83f52094a22a9a5be6ea39859b

                      Remember: Upvote with the 👍 button for any user/post you find to be helpful, informative, or deserving of recognition!

                      Need help fast? Netgate Global Support!

                      Do not Chat/PM for help!

                      1 Reply Last reply Reply Quote 0
                      • T
                        tomli
                        last edited by

                        Thank you for all.

                        1 Reply Last reply Reply Quote 0
                        • First post
                          Last post
                        Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.