Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Port forwarding does not work when I use my ISP's nat?

    Scheduled Pinned Locked Moved NAT
    2 Posts 2 Posters 379 Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • I
      Ivan007
      last edited by

      Hi there! I for servers use two networks, one on the party of provider another internal. I installed and configured pfSense 2.4.4-RELEASE-p3, it has 2 interfaces (internal and external). White addresses come through NAT provider. The problem is that when contacting the external address pfSense port forwarding works, and when contacting the white address of the provider there is no access. Why, what did I miss and how to configure port forwarding to work?

      JKnottJ 1 Reply Last reply Reply Quote 0
      • JKnottJ
        JKnott @Ivan007
        last edited by

        @Ivan007

        Welcome to one of the "benefits" of NAT. When you set up port forwarding on your firewall and have a public address on the WAN side, the traffic from the web site can reach your firewall, where port forwarding is used to send it to a specific computer. When the ISP puts NAT ahead of your firewall, there is no way for you to configure port forwarding on it, so there's no route to your firewall.

        NAT is a hack to get around the IPv4 address shortage and it breaks somethings Port forwarding is a way around one of the things it breaks, that is transparency along the entire path. With ISPs NAT you can longer work around it.

        This is why the world MUST move to IPv6 as soon as possible. The more NAT is used, the more things break. Already with VoIP and some games it is necessary to use STUN servers, to get past NAT. I don't know that those will still work behind ISP & customer NAT combined.

        PfSense running on Qotom mini PC
        i5 CPU, 4 GB memory, 32 GB SSD & 4 Intel Gb Ethernet ports.
        UniFi AC-Lite access point

        I haven't lost my mind. It's around here...somewhere...

        1 Reply Last reply Reply Quote 0
        • First post
          Last post
        Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.