Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Pfsense behind a router and need to access nanostation

    Scheduled Pinned Locked Moved General pfSense Questions
    9 Posts 4 Posters 707 Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • O
      OpenWifi
      last edited by stephenw10

      Hello guys, so i am a small Wisp provider and recently I deployed my pfsense box and it has been running very well although it is behind a zte router provided by my ISP. So i have a wireless CPE (Nanostation loco M5) which i would like to access remotely. I already set a custom port for the CPE but i am stuck on port-forwarding. Kindly help.

      1 Reply Last reply Reply Quote 0
      • DerelictD
        Derelict LAYER 8 Netgate
        last edited by

        No possible way to know how to help you with the information provided.

        With all of those pieces in the mix you're going to have to be a lot more specific about what it is you are trying to do, how you are testing, and what the results are.

        Chattanooga, Tennessee, USA
        A comprehensive network diagram is worth 10,000 words and 15 conference calls.
        DO NOT set a source address/port in a port forward or firewall rule unless you KNOW you need it!
        Do Not Chat For Help! NO_WAN_EGRESS(TM)

        1 Reply Last reply Reply Quote 0
        • KOMK
          KOM
          last edited by

          https://docs.netgate.com/pfsense/en/latest/nat/port-forward-troubleshooting.html

          If you are in a double-NAT configuration then you're going to have to setup your port-forwards on both the ISP router and pfSense.

          1 Reply Last reply Reply Quote 0
          • stephenw10S
            stephenw10 Netgate Administrator
            last edited by

            Mmm, where exactly are you trying to access this from? And where in the network is the Nanostation?

            Steve

            O 1 Reply Last reply Reply Quote 0
            • O
              OpenWifi @stephenw10
              last edited by stephenw10

              @stephenw10 The nanostation has a static IP on the same subnet as my pfSense box and not the router. I am trying to access it remotely since on the nanostation I already set a custom server port. Lemme send a screenshot of the nano
              IMG_20190430_065915_433.JPG

              1 Reply Last reply Reply Quote 0
              • DerelictD
                Derelict LAYER 8 Netgate
                last edited by

                That tells us nothing about what is upstream of that where the port forwarding would be taking place.

                And why not manage your network via a management VLAN over a VPN?

                Chattanooga, Tennessee, USA
                A comprehensive network diagram is worth 10,000 words and 15 conference calls.
                DO NOT set a source address/port in a port forward or firewall rule unless you KNOW you need it!
                Do Not Chat For Help! NO_WAN_EGRESS(TM)

                O 1 Reply Last reply Reply Quote 0
                • O
                  OpenWifi @Derelict
                  last edited by

                  @Derelict So the setup should be like this
                  Remote Pc–>Internet–>Isp router(already port forwarded the custom port 2300 to pfsense) –>Pfsense–>Nanostation loco m5

                  1 Reply Last reply Reply Quote 0
                  • DerelictD
                    Derelict LAYER 8 Netgate
                    last edited by

                    https://www.netgate.com/docs/pfsense/nat/forwarding-ports-with-pfsense.html

                    https://docs.netgate.com/pfsense/en/latest/nat/port-forward-troubleshooting.html

                    What isn't working? Pay particularly close attention to the things to check and the troubleshooting steps in the port forward troubleshooting document.

                    Hint: pfSense cannot forward traffic it does not receive.

                    Chattanooga, Tennessee, USA
                    A comprehensive network diagram is worth 10,000 words and 15 conference calls.
                    DO NOT set a source address/port in a port forward or firewall rule unless you KNOW you need it!
                    Do Not Chat For Help! NO_WAN_EGRESS(TM)

                    1 Reply Last reply Reply Quote 0
                    • stephenw10S
                      stephenw10 Netgate Administrator
                      last edited by

                      Yes, VPN into pfSense and then access it from there is far more secure.

                      If you are going to use port forwards you should definitely be using the secure server port (https).

                      Steve

                      1 Reply Last reply Reply Quote 0
                      • First post
                        Last post
                      Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.