Netgate Discussion Forum
    • Register
    • Login
    • Search
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search

    Help with nat and firewall

    Firewalling
    2
    4
    2636
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • W
      wonslung last edited by

      I need help getting my webserver visable to the outside world.  i used no-ip for dynamic dns so i can get to my torrentflux from work but after switching to pfsense i can't seem to get incoming port 80 to work properly.  After searching the forum i found that i need to change the webui to another port, so i did that but i'm STILL not having any luck.
      i went to nat and these are my settings

      WAN  TCP  80 (HTTP)  192.168.1.14    80 (HTTP) webserver

      it auto creates a firewall rule that looks like this under WAN

      TCP  *  *  192.168.1.14  80 (HTTP)  *      NAT webserver

      i'm going insane trying to figure this out….it worked easily in both dd-wrt and tomato...i admit those are much less advanced (which is why i switched over) but i just can't figure out why it's not working
      i know the webserver is up and working because if i enter 192.168.1.14 into the browser it works, i know that no-ip.org is working correctly because when i enter in my address with port 81 i get the pfsense webui (81 is the port i changed webui to)

      but i'm getting network timeout when i try to go to port 80 via no-ip.org so the nat rule isn't working.....please help

      1 Reply Last reply Reply Quote 0
      • GruensFroeschli
        GruensFroeschli last edited by

        I assume you're trying to access from within your LAN the public no-ip address?

        Enable NAT reflection or set up split DNS inthis case:
        http://forum.pfsense.org/index.php/topic,7001.0.html

        We do what we must, because we can.

        Asking questions the smart way: http://www.catb.org/esr/faqs/smart-questions.html

        1 Reply Last reply Reply Quote 0
        • W
          wonslung last edited by

          what i want is for someone to enter my wan ip address into their web browser and get the webserver on my lan at 192.168.1.14
          i just use no-ip so i don't have to type numbers into the web browser.  i read that page prior to posting, i read all the stuff about port forwarding in the wiki and i tried it with and without nat reflection on (though i was under the impression that only mattered if i was on one subnet in my lan and the other machine was on another)

          if i enter 192.168.1.14 into my webbrowser locally i get the webserver i want.  but when i try to access it from my wan ip address it's not showing up even though i'm pretty sure i set it up right….which is why i'm asking....what the heck am i doing wrong.
          heres a couple screenshots of my nat and firewall rules
          http://www.freeimagehosting.net/image.php?277984e575.jpg
          http://www.freeimagehosting.net/image.php?eadecaf3a9.jpg

          1 Reply Last reply Reply Quote 0
          • W
            wonslung last edited by

            i dunno why but i did an ip release on the wan and renewed it and now everything works

            1 Reply Last reply Reply Quote 0
            • First post
              Last post