Ports are open but can't reach website
-
Good morning all,
I used this blog post to configure inter-VLAN routing on my test network.
https://greigmitchell.co.uk/2019/08/configuring-intervlan-routing-with-a-layer-3-switch-and-pfsense/
I have configured port forwarding for a web service on port 9443 and the port shows open. I can also reach the service internally. However, the service is still unavailable to any client trying to reach the service from the WAN side. Any thoughts on what might be the issue?
Thank you in advance!
DZ
-
@dzacharias said in Ports are open but can't reach website:
I have configured port forwarding
You've added your NAT rule.
And you're asking yourself : is the inbound traffic using (hitting) this NAT rule ?
As you might have seen, a NAT rule is broken up in two parts : they are listed here Firewall > NAT > Port Forward
and they have a firewall rule on the WAN interface - after all, traffic must be allowed to come in.
First indication :
Are these rules actually used ?
Answer :
Easy :
Next test : edit your NAT related firewall rule, and make it log !!
Now, do the test from the outside.
Take note of the IP you're using.
Do the test.
Go check the firewall logs.
You'll see log lines with your IP, your pfSense WAN IP, your source port and the pfSense destination port (9443).
Btw : before starting to use NAT rules you should read and understand this :
Troubleshooting NAT.
Also, do you have a router in front of pfSense ? If so, you have to add a NAT rule in this device also.
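The log check described in the reply above, as an added example that is not part of the original post: a shell/awk filter that classifies raw pfSense filterlog lines for one test client and one forwarded port. The field positions assume pfSense's comma-separated raw filter log layout for IPv4 TCP/UDP entries; the function names, addresses and log lines are constructed for illustration.

```shell
#!/bin/sh
# Added example: did traffic from my test client reach the logged port-forward rule?
# Assumes pfSense's raw filterlog CSV layout for IPv4 TCP/UDP entries:
#   f[5]=interface f[7]=action f[9]=IP version f[17]=protocol
#   f[19]=source f[20]=destination f[21]=source port f[22]=destination port

# nat_hits SRC_IP DST_PORT  (log lines on stdin): one line per matching entry
nat_hits() {
    awk -v src="$1" -v port="$2" '
    {
        i = index($0, "filterlog"); if (i == 0) next
        rest = substr($0, i)
        j = index(rest, ": ");      if (j == 0) next
        n = split(substr(rest, j + 2), f, ",")
        if (n < 22 || f[9] != "4") next               # IPv4 entries only
        if (f[17] != "tcp" && f[17] != "udp") next    # only these carry ports
        if (f[19] != src || f[22] != port) next
        printf "%s %s %s:%s -> %s:%s\n", f[7], f[5], f[19], f[21], f[20], f[22]
    }'
}

# nat_verdict SRC_IP DST_PORT: summarise what the firewall did with the test
nat_verdict() {
    hits=$(nat_hits "$1" "$2")
    if [ -z "$hits" ]; then
        echo "no-traffic-seen"     # nothing logged for this client and port
    elif printf '%s\n' "$hits" | grep -q '^pass '; then
        echo "passed"              # the logging pass rule matched
    else
        echo "blocked"             # arrived, but only a block rule matched
    fi
}

# Constructed sample log (documentation addresses, hypothetical rule numbers)
sample_log() {
    cat <<'EOF'
Aug 12 09:15:01 pfSense filterlog[4242]: 7,,,1565600000,em0,match,pass,in,4,0x0,,57,0,0,DF,6,tcp,60,203.0.113.50,192.168.10.20,51514,9443,0,S,1111111111,,64240,,mss
Aug 12 09:15:09 pfSense filterlog[4242]: 5,,,1000000103,em0,match,block,in,4,0x0,,57,0,0,DF,6,tcp,60,203.0.113.77,198.51.100.10,40222,9443,0,S,2222222222,,64240,,mss
Aug 12 09:15:12 pfSense filterlog[4242]: 5,,,1000000103,em0,match,block,in,4,0x0,,57,0,0,DF,6,tcp,60,203.0.113.50,198.51.100.10,51600,22,0,S,3333333333,,64240,,mss
EOF
}

sample_log | nat_verdict 203.0.113.50 9443
```

On a live system, pipe the firewall's raw filter log into `nat_verdict` with the external IP noted during the test instead of `sample_log`.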
-
Ok,
well, that might be an issue. I have a Catalyst 3560G with the corresponding VLANs on it. I did some googling and it seems that the 3560G switch does not support NAT. Could this be my problem? How can Cisco make an L3 switch that does not support NAT? Is there a workaround for this problem?
Thank you in advance.
DZ