Only Some of my Port Forwards work ?
-
Those rules aren't disabled are they, there is a mini square in the tick box ?
I don't use that colour scheme.
-
My 9300 rule that auto populated when setting up NAT Port Forward
-
@cire3 I'd start doing a packet capture on the WAN interface to see if the packets are hitting the WAN interface, maybe the ISP is blocking some of the ports.
Also I was talking about the NAT rule with the mini square not the firewall rule.
-
@nogbadthebad said in Only Some of my Port Forwards work ?:
packet capture on the WAN
Sorry, thought you wanted rule, as I already posted the NAT Forward rules. My bad. However I double checked.
I'm connected over VPN, and know enough to be dangerous...lol Any way I can packet capture on the WAN remote ? Never had to do this.
-
@cire3 yup have a look at the diagnostics section.
You can download the packet capture from the page and view in wireshark.
-
@nogbadthebad Just seen it after I asked the question. Way cool. Downloading now after trying to check port.
-
@cire3 Host address being my Static WAN ? And should I use a port or just capture?
-
And this from PFSense :
15:25:00.282522 IP 198.199.98.246.50719 > 198.0.115.21.9300: tcp 0
15:25:01.278833 IP 198.199.98.246.50719 > 198.0.115.21.9300: tcp 0
15:25:01.283582 IP 198.199.98.246.50724 > 198.0.115.21.9300: tcp 0
15:25:02.282636 IP 198.199.98.246.50724 > 198.0.115.21.9300: tcp 0
15:25:02.284759 IP 198.199.98.246.50731 > 198.0.115.21.9300: tcp 0
15:25:03.282818 IP 198.199.98.246.50731 > 198.0.115.21.9300: tcp 0
15:25:56.035819 IP 198.199.98.246.50880 > 198.0.115.21.9300: tcp 0
15:25:57.034127 IP 198.199.98.246.50880 > 198.0.115.21.9300: tcp 0
15:25:57.036750 IP 198.199.98.246.50883 > 198.0.115.21.9300: tcp 0
15:25:58.034059 IP 198.199.98.246.50883 > 198.0.115.21.9300: tcp 0
15:25:58.038290 IP 198.199.98.246.50889 > 198.0.115.21.9300: tcp 0
15:25:59.038237 IP 198.199.98.246.50889 > 198.0.115.21.9300: tcp 0
15:26:00.276783 IP 198.199.98.246.50895 > 198.0.115.21.9300: tcp 0
15:26:01.274091 IP 198.199.98.246.50895 > 198.0.115.21.9300: tcp 0
15:26:01.277837 IP 198.199.98.246.50897 > 198.0.115.21.9300: tcp 0
15:26:02.273897 IP 198.199.98.246.50897 > 198.0.115.21.9300: tcp 0
15:26:02.278893 IP 198.199.98.246.50899 > 198.0.115.21.9300: tcp 0
15:26:03.277951 IP 198.199.98.246.50899 > 198.0.115.21.9300: tcp 0 -
@cire3 OK so it looks like 9300 is hitting the WAN interface.
-
@nogbadthebad Yea, It would have been great to blame Comcast. Not today I guess...lol
-
Figured I would post in case something didn't look right
-
This is what's back in states
-
@cire3 Rules are read from the top down, I suggest you have a read:-
https://docs.netgate.com/pfsense/en/latest/firewall/rule-list-intro.html
Everything TCP will hit the 3rd rule down.
-
@nogbadthebad Reset States again, waiting for it to boot back up and VPN in
-
@nogbadthebad UDP to TCP/UDP to TCP. No change
-
@cire3 If you still have that 3rd rule you need to delete it, it won't hit your NAT rule.
Its very dangerous what you've done with that rule and if you havent noticed all your TCP traffic is hitting it.
-
@nogbadthebad Oh dam, corrected :)
Any other thoughts ? Hate to rebuild the box.
Only thing I notice is the port conversions forward, but the port to port match don't. Or it's just a fluke.
-
@cire3 I'd check with the supplier again, you've got to and - in your first post, is that a range or is it convert one port to another.
A packet capture using the phones IP address would show you whats hiting the firewall.
-
This was the direction I was given. Some ports convert, while one is a range
Ports Working :
44443 Convert to 443 Forward to 10.10.1.25 Status: : Open
24493 Convert to 2728 Forward to 10.10.1.25 Status : OpenPort Not Working :
16000 Through 16511 Forward to 10.10.1.26 Status : Closed
9300 Forward to 10.10.1.25 Status : Closed -
@cire3 Well your packet capture shows port 9300 TCP not UDP as per their info.
15:25:00.282522 IP 198.199.98.246.50719 > 198.0.115.21.9300: tcp 0
15:25:01.278833 IP 198.199.98.246.50719 > 198.0.115.21.9300: tcp 0
15:25:01.283582 IP 198.199.98.246.50724 > 198.0.115.21.9300: tcp 0
15:25:02.282636 IP 198.199.98.246.50724 > 198.0.115.21.9300: tcp 0
15:25:02.284759 IP 198.199.98.246.50731 > 198.0.115.21.9300: tcp 0
15:25:03.282818 IP 198.199.98.246.50731 > 198.0.115.21.9300: tcp 0
15:25:56.035819 IP 198.199.98.246.50880 > 198.0.115.21.9300: tcp 0
15:25:57.034127 IP 198.199.98.246.50880 > 198.0.115.21.9300: tcp 0
15:25:57.036750 IP 198.199.98.246.50883 > 198.0.115.21.9300: tcp 0
15:25:58.034059 IP 198.199.98.246.50883 > 198.0.115.21.9300: tcp 0
15:25:58.038290 IP 198.199.98.246.50889 > 198.0.115.21.9300: tcp 0
15:25:59.038237 IP 198.199.98.246.50889 > 198.0.115.21.9300: tcp 0
15:26:00.276783 IP 198.199.98.246.50895 > 198.0.115.21.9300: tcp 0
15:26:01.274091 IP 198.199.98.246.50895 > 198.0.115.21.9300: tcp 0
15:26:01.277837 IP 198.199.98.246.50897 > 198.0.115.21.9300: tcp 0
15:26:02.273897 IP 198.199.98.246.50897 > 198.0.115.21.9300: tcp 0
15:26:02.278893 IP 198.199.98.246.50899 > 198.0.115.21.9300: tcp 0
15:26:03.277951 IP 198.199.98.246.50899 > 198.0.115.21.9300: tcp 0
