Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Port Forward Modem/Router and pfSense

    Scheduled Pinned Locked Moved NAT
    6 Posts 4 Posters 827 Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • T
      Tleary
      last edited by Tleary

      I've hit a dead end and needed to ask the forum. I have a modem-router. I have the pfSense down stream in order to firewall a different LAN. I need connect to a service on a desktop past the pfSense. So, I need to have the modem-router port forward to the pfSense which will then forward it to a desktop.

      1 Reply Last reply Reply Quote 0
      • A
        akuma1x
        last edited by

        First question - is your modem/router setup in pass-thru mode, or is it setup in router mode?

        Jeff

        1 Reply Last reply Reply Quote 0
        • M
          mikeisfly
          last edited by

          Put Pfsense in the DMZ of your modem-router and then all you have to do is manage PfSense. So if you need traffic to pass to a computer just setup a port-forward on PfSense. This is of course assuming all your devices are behind Pfsense.

          1 Reply Last reply Reply Quote 0
          • stephenw10S
            stephenw10 Netgate Administrator
            last edited by

            I don't see a question here....
            But, yes, if your modem/router is in router mode you need to port forward to pfSense and then port forward there to the desktop machine behind it. That could be via a 'DMZ mode'.

            Steve

            1 Reply Last reply Reply Quote 0
            • T
              Tleary
              last edited by

              The modem is set in router mode because I want the firewall feature. I didn't know about DMZ mode but I'm reading about it and all the articles are saying I loose the security of a router being the firewall that blocks Internet traffic. I use the LAN the modem creates.

              My initial attempts were to have a modem listening port and then forward it to the pfSense which would then forward the set port to the computer. It has worked.

              What are the forums thoughts on loosing firewall protection in DMZ mode and what about port forwarding to the pfSense and in turn port forwarding to the computer?

              How can you keep strong boarder protection? I have a Ubiquiti Edge Router X available.

              1 Reply Last reply Reply Quote 0
              • stephenw10S
                stephenw10 Netgate Administrator
                last edited by

                DMZ mode, in everything I have seen, is like a 1:1 NAT rule. It forwards all traffic to whatever IP you nominate, in this case pfSense.
                So it removes the firewall for that IP but not for other IPs in the routers LAN subnet.

                Steve

                1 Reply Last reply Reply Quote 0
                • First post
                  Last post
                Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.