Port Forwarding Troubleshooting



  • The version of pfSense I'm using is 2.2.4-RELEASE-p1 (amd64)
    I have 5 interfaces - WAN, LAN, Opt1, Opt2, Opt3
    I have a static IP address
    Opt1 is where the server is connected

    I'm having a tough time allowing external traffic access to my server on Opt1 Interface. I have been running a Watchguard Firebox x700 so I'm fairly familiar with NAT settings etc. I've basically configured pfSense as my Firebox was configured but no traffic is reaching the server.

    I CAN connect to the server from the LOCAL Network on a local PC connected to the LAN interface. But using my Cellphone, I cannot connect to the server even though the logs say the connection was allowed.

    Port Forwarding Troubleshooting
    This article is a great resource for troubleshooting basic connectivity issues.

    However, I don't see where it covers these issues related to the installation or use of pfBlockNG.
    I suspect some or all of my issues could be related to pfBlockNG but I could be totally wrong about that.
    I haven't yet, but I'll try disabling pfBlockNG temporarily to see if that's the case (it just occurred to me as I type this to try that)



  • @HansSolo said in Port Forwarding Troubleshooting:

    However, I don't see where it covers these issues related to the installation or use of pfBlockNG.

    I wouldn't expect it to considering they have nothing in common.

    Basic NATs are pretty easy. It's usually a bad NAT definition, or a double-NAT config.

    If you want any help, post screens of your NATs and firewall rules. Make sure to obscure any public details.



  • Thank you for the assistance.
    I have since resolved the issue and will "try" to explain how for anyone else having this issue.

    Basically, my NAT settings were incorrect.
    The article (post) in my OP led me to the path to find this.
    By checking under --> DIAGNOSTICS --> STATE, I was able to see that there was no trasnlation between my External IP address and the TARGET IPADDRESS which is Opt1

    I misunderstood DESTINATION vs TARGET and had them set to the same IP. Once I set the Destination to the External IP and the Target to the Opt1 interface IP it began to work.

    But there was one other fact that caused this problem......
    Being new to pfSense, I failed to learn the proper use of the SAVE buttons.

    I had not previously noticed there was a Blue SAVE button at the bottom of the configuration screens and so was not properly saving my changes.

    Early on, one must become acquainted with the Save buttons and which ones need to be used and when.

    Now that I've overcome these hurdles, pfSense seems to be making more and more 'Sense" to me.

    It is a very nice platform.



  • @HansSolo said in Port Forwarding Troubleshooting:

    Early on, one must become acquainted with the Save buttons and which ones need to be used and when.

    Yeah, wait until you try to use Squidguard and realize that none of your changes will stick until you go back to the General settings tab and click the Apply button at the top, after you have clicked Save at the bottom.


Log in to reply