Netgate Discussion Forum

    Unable to port forward from internal to internal

      Sid1584

      Hello all,

      I want to have port forwarding when I ssh to the LAN1 address with custom port 223, to the switch connected directly on the other interface with an L3 interface.

      This is my network flow:

      pfsense incoming traffic -->LAN1 --->OPT----->Directly connected to switch-

      WAN (wan) -> mvneta0.4090 ->
      LAN1 (lan) -> mvneta0.4091 -> v4: 192.168.2.200/24
      OPT (opt1) -> mvneta0.4092 -> v4: 192.168.0.200/24
      VNET (opt2) -> ovpnc1 -> v4: 10.10.15.2/24
      VNET1 (opt3) -> ovpnc2 ->

      In the captures I see that the traffic reaches the pfSense, but port forwarding never happens.

      [2.4.5-RELEASE][admin@pfSense.localdomain]/root: tcpdump -nni mvneta0.4091 not port 44 and host 192.168.2.104

      08:16:18.393023 IP 192.168.2.104.61191 > 192.168.2.200.223: Flags [S], seq 2860448155, win 64240, options [mss 1460,nop,wscale 8,nop,nop,sackOK], length 0

      08:16:24.398247 IP 192.168.2.104.61191 > 192.168.2.200.223: Flags [S], seq 2860448155, win 64240, options [mss 1460,nop,wscale 8,nop,nop,sackOK], length 0

      I can ssh to the switch with no problems since it's directly connected on the OPT interface.

      [2.4.5-RELEASE][admin@pfSense.localdomain]/root: ssh admin@192.168.0.60

      admin@192.168.0.60's password:

      (aruba-lab) >

      (aruba-lab) >

      Screenshot of the firewall rule: https://pasteboard.co/J9yHNnF.jpg

      But when I ssh to the LAN address with custom port 223, I get timed out. What am I missing here?

      Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.