Only Some of my Port Forwards work ?

Cire3

Not Working.PNG

This one is not working.

NogBadTheBad

Are you providing a VOIP server locally?

If the phone is local and the VOIP server remote you shouldn't need any sort of port forwards, I have a VOIP phone local and don't have any port forwards.

Cire3

@nogbadthebad From my understanding the phone server is on site (Some Panasonic System) and the phone is off site (Cell Phone). Backwards in my opinion, but I believe they want to have a business phone in another location. I would use a server off site, not sure what he was sold or why.

This port forward is squeezing my brain though.

NogBadTheBad

@cire3 Try killing the firewall states.

Diagnostics -> States -> Reset States

Cire3

@nogbadthebad Yea, just tried that a little bit ago. Same issue.

NogBadTheBad

@cire3

Those rules aren't disabled are they, there is a mini square in the tick box ?

I don't use that colour scheme.

Cire3

@nogbadthebad 9300 RUle.PNG

My 9300 rule that auto populated when setting up NAT Port Forward

NogBadTheBad

@cire3 I'd start doing a packet capture on the WAN interface to see if the packets are hitting the WAN interface, maybe the ISP is blocking some of the ports.

Also I was talking about the NAT rule with the mini square not the firewall rule.

Screenshot 2021-06-21 at 19.59.37.png

Cire3

@nogbadthebad said in Only Some of my Port Forwards work ?:

packet capture on the WAN

Sorry, thought you wanted rule, as I already posted the NAT Forward rules. My bad. However I double checked.

I'm connected over VPN, and know enough to be dangerous...lol Any way I can packet capture on the WAN remote ? Never had to do this.

NogBadTheBad

@cire3 yup have a look at the diagnostics section.

You can download the packet capture from the page and view in wireshark.

Cire3

@nogbadthebad Just seen it after I asked the question. Way cool. Downloading now after trying to check port.

Cire3

@cire3 Host address being my Static WAN ? And should I use a port or just capture?

Cire3

@cire3 Packate Capture 9300.PNG

And this from PFSense :

15:25:00.282522 IP 198.199.98.246.50719 > 198.0.115.21.9300: tcp 0
15:25:01.278833 IP 198.199.98.246.50719 > 198.0.115.21.9300: tcp 0
15:25:01.283582 IP 198.199.98.246.50724 > 198.0.115.21.9300: tcp 0
15:25:02.282636 IP 198.199.98.246.50724 > 198.0.115.21.9300: tcp 0
15:25:02.284759 IP 198.199.98.246.50731 > 198.0.115.21.9300: tcp 0
15:25:03.282818 IP 198.199.98.246.50731 > 198.0.115.21.9300: tcp 0
15:25:56.035819 IP 198.199.98.246.50880 > 198.0.115.21.9300: tcp 0
15:25:57.034127 IP 198.199.98.246.50880 > 198.0.115.21.9300: tcp 0
15:25:57.036750 IP 198.199.98.246.50883 > 198.0.115.21.9300: tcp 0
15:25:58.034059 IP 198.199.98.246.50883 > 198.0.115.21.9300: tcp 0
15:25:58.038290 IP 198.199.98.246.50889 > 198.0.115.21.9300: tcp 0
15:25:59.038237 IP 198.199.98.246.50889 > 198.0.115.21.9300: tcp 0
15:26:00.276783 IP 198.199.98.246.50895 > 198.0.115.21.9300: tcp 0
15:26:01.274091 IP 198.199.98.246.50895 > 198.0.115.21.9300: tcp 0
15:26:01.277837 IP 198.199.98.246.50897 > 198.0.115.21.9300: tcp 0
15:26:02.273897 IP 198.199.98.246.50897 > 198.0.115.21.9300: tcp 0
15:26:02.278893 IP 198.199.98.246.50899 > 198.0.115.21.9300: tcp 0
15:26:03.277951 IP 198.199.98.246.50899 > 198.0.115.21.9300: tcp 0

NogBadTheBad

@cire3 OK so it looks like 9300 is hitting the WAN interface.

Cire3

@nogbadthebad Yea, It would have been great to blame Comcast. Not today I guess...lol

Cire3

@cire3 Firewall Rules WAN.PNG

Figured I would post in case something didn't look right

Cire3

@cire3

This is what's back in states

NogBadTheBad

@cire3 Rules are read from the top down, I suggest you have a read:-

https://docs.netgate.com/pfsense/en/latest/firewall/rule-list-intro.html

Everything TCP will hit the 3rd rule down.

Cire3

@nogbadthebad Reset States again, waiting for it to boot back up and VPN in

Cire3

@nogbadthebad UDP to TCP/UDP to TCP. No change