FTP Server reachable through OPT1
-
Just tested with a port 80 forward at my Dual WAN Setup at the office. Works like expected. Maybe the connection gets stuck in your Router in front of the pfsense? I have a similar setup using an adsl router in front of my WAN2 to fake a static gateway IP for loadbalancing.
So you are able to port forward on both WAN and OPT1 ? The router in front of pfSense doesnt get into play because im testing with a laptop connected to the OPT1 interface ATM.
I dont understand:
@hoba:I have set the pfSense WAN2 IP as DMZ IP at the adsl router so everything gets forwarded automatically.
What do you mean by this (and how do I do this ?)
What version are you running btw?
Was running 1.0 Beta 3 uograded to Beta 4 yesterday.
Thanks for the help so far !!
Most of the simple modemrouters out there have an option to specify a DMZ IP. This basically means: forward all ports, all protocols incoming at wan to this DMZ IP and allow all Traffic to this IP. Of course, this IP isn't firewalled anymore then but as the pfSense WAN2 has it's won firewall it eliminates the double administration you would have to do without it (portforward from modemrouter to pfsense and from pfsense to internal host). Check your modemrouters manual, it might be called different.
Beta4 is pretty old though the last official posted version on the mirrors. I'm running a version very close to RC1 (maybe even what will become RC1). I strongly recommend upgrading. If you have a full hdd install run "cvs_sync.sh RELENG_1" from the shell or via ssh after leaving the shellmenu by choosing option 8. This will update your box against the CVS Codetree and you will be running the most recent version after this. This process takes some time on the first run and might appear stuck somewhere in the middle. Just be patient and give it time. Reboot after it went through.
Another option is to wait for the RC1 update or new image which should be available pretty soon (we are doing some final tests atm). -
Just tested with a port 80 forward at my Dual WAN Setup at the office. Works like expected. Maybe the connection gets stuck in your Router in front of the pfsense? I have a similar setup using an adsl router in front of my WAN2 to fake a static gateway IP for loadbalancing.
So you are able to port forward on both WAN and OPT1 ? The router in front of pfSense doesnt get into play because im testing with a laptop connected to the OPT1 interface ATM.
I dont understand:
@hoba:I have set the pfSense WAN2 IP as DMZ IP at the adsl router so everything gets forwarded automatically.
What do you mean by this (and how do I do this ?)
What version are you running btw?
Was running 1.0 Beta 3 uograded to Beta 4 yesterday.
Thanks for the help so far !!
Most of the simple modemrouters out there have an option to specify a DMZ IP. This basically means: forward all ports, all protocols incoming at wan to this DMZ IP and allow all Traffic to this IP. Of course, this IP isn't firewalled anymore then but as the pfSense WAN2 has it's won firewall it eliminates the double administration you would have to do without it (portforward from modemrouter to pfsense and from pfsense to internal host). Check your modemrouters manual, it might be called different.
I understood in the mean time ;) I am talking directly to OPT1 with my laptop so the ADSL router is no issue (besides that I allready did the DMZ IP thing, its just called different. Besided that if I enable the firewall on this router the througput takes a big hit)
Beta4 is pretty old though the last official posted version on the mirrors. I'm running a version very close to RC1 (maybe even what will become RC1). I strongly recommend upgrading. If you have a full hdd install run "cvs_sync.sh RELENG_1" from the shell or via ssh after leaving the shellmenu by choosing option 8. This will update your box against the CVS Codetree and you will be running the most recent version after this. This process takes some time on the first run and might appear stuck somewhere in the middle. Just be patient and give it time. Reboot after it went through.
Here I was thinking I was running the latest version, but off course there are the CVS builds ;) Ill try this when I am home. All my firewall rules will be retained when I do this ?
Another question: is the way I specified my rules correct (see my first post) ?Another option is to wait for the RC1 update or new image which should be available pretty soon (we are doing some final tests atm).
I have no problem installing the pre-RC1 version, because I just want it to work (TM) ;P (the router is used @Home so no problem if my internet is down a bit)
-
You'll keep your configuration and the downtime will only be during the reboot. However making a backup of your config.xml is always recommended.
-
You'll keep your configuration and the downtime will only be during the reboot. However making a backup of your config.xml is always recommended.
Tx for the input hoba. What is the easiest way to backup my config.xml ?
I didnt have time yesterday to upgrade to the newest build, will probably do this tomorrow.
-
Simply download it via webgui at diagnostics>backup/restore.
-
I realise it has been some time, but I didn't come around to installing an update to my pfSense router. I installed RC2 last week and still no portforwards on OPT1 seem to work. Currently I am using my WAN interface but since this is a slower link than OPT1 I'd like to be able to use forwards on OPT1 as well. Can anyone help me ?
(I am currently testing with HTTPS (because FTP is more difficult when it comes to NATting –> the portforward works on WAN, but not on OPT1) -
Kick, I'm still having this problem, no port forwards on OPT1 work, so I'm still stuck with having to publish all my servers on the WAN interface…
-
FTP is not compatible with dual wan. This is a FAQ.
-
Dear Sullrich, the problem is not FTP on Dual Wan, No port forwards WHATSOEVER work, not even 443, as can be seen in my response higher up in this thread.
Any help would be greatly appriciated (updates to the newer build suggested above without any effect)
-
Dear Tomba,
you are setting things up wrong. I have FTP as well as other services working at OPT-Interfaces forwarded from WAN and I also configured an FTP-Server for someone at IRC that was reachable from OPT-WAN.
I suggest you get to IRC this evening and try to contact me there. We can try to make it work together by remote administration.