Port Forwarding not working?!
-
This is what I did to get a "web server" working behind my pfsense firewall:
Give the web server, on the box that is actually the server, a different port number besides 80 or 443. I assigned mine port 8091.
In pfsense, make a port forward, destination is wan address, port range is from XXXX to XXXX, redirect target IP is your web server, and the redirect port is XXXX. Let it auto-create the firewall rule, then save the settings.
It should be as simple as that. I don't know if you have to turn down any web server firewall rules to make it respond from outside it's local network. I didn't have to do any of that on mine. When an outside "visitor" wants to connect to this web server, they have to simply add the port number to the end of the URL.
Jeff
-
@connor234 said in Port Forwarding not working?!:
I have checked the "Disable webConfigurator redirect rule" but when i connect to my public ip it just redirects to be to the pfSense webUI port which is 9999 and i can't get to my webserver because of this?
I'm working on something else but if you used to have a redirect and now don't the browser may be caching the redirect especially if it was marked as permanent/301. Empty browser cache or try a different browser.
-
@akuma1x Unfortunately i don't want to have to do this as i i know when certain people visit my site all the ports are blocked on their network and only port 80 and 443 work for them and it would incontinent for them.
-
@teamits I thought this might this issue already so i whipped my browsing data and cache and even used a different device and did the same which is on a complete other network and i still couldn't access the site. When i am connected to the current network i can connect to the Web-Server via the internal IP of the server and i can also connect to the web-server via the public IP when i'm the network but i go on my other device connect to another network i cant connect via the public IP? I am really pulling my hair out over this right now :)
-
@connor234 Then what I think you need to do is change the port for the web configurator so it doesn't answer on ports 80 and 443.
It's under System -> Advanced -> Admin Access -> TCP Port
Change the port number to something else, but make sure it isn't a port used for any other services you've got running...
Jeff
-
@akuma1x I have already done this i also checed the redirect box to stop it trying to forward to pfsense.
-
@connor234
Maybe post a screen cap of your WAN rules and NAT forwards? I've never had an issue forwarding either 80 or 443 on the WAN to an internal IP. Most often we use split DNS and create a hostname on the pfSense or internal DNS to point to the private IP, but that's a different issue and not relevant to your WAN port forward. -
@teamits
WAN Rules: https://gyazo.com/c19bd001d75feaee69eb79996b53c260
NAT Forwards: https://gyazo.com/f6bf431cc349344f999e4d900b034fabThe Minecraft Server port forward works perfect i can connect to the mc server on my network via my public ip and other people can join it works fine but my web-server is just a no go.
-
If you've already tried deleting and recreating them as suggested, then my next guess is a firewall or something on the web server is not allowing access from Internet IPs. Is there a firewall on the web server that can be logged and/or disabled?
Perhaps check the box in pfSense's firewall logs to log all packets matching the default block rule and verify it is actually being blocked at the pfSense?
-
@teamits All of the firewall features have been disabled and i will check the logs shortly.
-
Hi Everyone, thank you for all of your advise i have managed to fix the issue by resetting the firewall and the web-server.
-
In case anyone sees this reply on this old post, I am having a similar issue, I did port forwarding for Minecraft Bedrock Server, Port 19132. Minecraft can see the server online and ping it but I can not connect to it. I have read through all of the Troubleshooting info from Netgate, I checked through several guides from others and all of the info was the same, so I believe I am configuring it correctly. I attempted dropping the TCP permission as Bedrock uses UDP, and I have added it back.
I have set up NAT Reflection and tested the port on my Desktop and off the LAN with my phone on 5g, and still the port says closed. I have also rebooted the router. I was wondering if it had something to do with my server being in a Docker Container, but in general as long as the port is forwarded then I should be able to at least see it as open right?