Pfsense behind a router and need to access nanostation
-
Hello guys, so i am a small Wisp provider and recently I deployed my pfsense box and it has been running very well although it is behind a zte router provided by my ISP. So i have a wireless CPE (Nanostation loco M5) which i would like to access remotely. I already set a custom port for the CPE but i am stuck on port-forwarding. Kindly help.
-
No possible way to know how to help you with the information provided.
With all of those pieces in the mix you're going to have to be a lot more specific about what it is you are trying to do, how you are testing, and what the results are.
-
https://docs.netgate.com/pfsense/en/latest/nat/port-forward-troubleshooting.html
If you are in a double-NAT configuration then you're going to have to setup your port-forwards on both the ISP router and pfSense.
-
Mmm, where exactly are you trying to access this from? And where in the network is the Nanostation?
Steve
-
@stephenw10 The nanostation has a static IP on the same subnet as my pfSense box and not the router. I am trying to access it remotely since on the nanostation I already set a custom server port. Lemme send a screenshot of the nano
-
That tells us nothing about what is upstream of that where the port forwarding would be taking place.
And why not manage your network via a management VLAN over a VPN?
-
@Derelict So the setup should be like this
Remote Pc–>Internet–>Isp router(already port forwarded the custom port 2300 to pfsense) –>Pfsense–>Nanostation loco m5 -
https://www.netgate.com/docs/pfsense/nat/forwarding-ports-with-pfsense.html
https://docs.netgate.com/pfsense/en/latest/nat/port-forward-troubleshooting.html
What isn't working? Pay particularly close attention to the things to check and the troubleshooting steps in the port forward troubleshooting document.
Hint: pfSense cannot forward traffic it does not receive.
-
Yes, VPN into pfSense and then access it from there is far more secure.
If you are going to use port forwards you should definitely be using the secure server port (https).
Steve