NAT on specific port
-
Hi, my ISP gave me 4 IP address
- 80.12.45.60 that's address of my WAN
I want to use a second IP address and open port 3000 on it.
Could you explain me how to do that?
I followed some guides but i am facing many issues and nat does not work.
thanks a lot
- 80.12.45.60 that's address of my WAN
-
If your additional IPs are routed to the primary WAN address by the ISP you can simply use it in a NAT rule by selecting Single address at destination and entering the IP in the next box.
If not, first you have to add each public address in Firewall > Virtual IPs as type IP Alias to the WAN interface.
Then you can choose them from the destination drop-down. -
@viragomann
additional IP should not be routed.
I use one IP for my wan connection
Other IP are free
thanks -
Hi, port forwarding not seems working
I am trying testing port tcp 3000 with telnet
Telnet says "lost connection to host"PfSense rule seems to working good as shown in logs
could you help me?
Port 3000 is open on my public Ip
I ckecked herehttps://www.yougetsignal.com/tools/open-ports/
i'm using virtual IP
MY ISP gave me 4 IP- on IP is for WAN
- one IP is used for port forwarding
-
@reynold said in NAT on specific port:
I am trying testing port tcp 3000 with telnet
Telnet says "lost connection to host"
PfSense rule seems to working good as shown in logs
The log shows destination port 6000. So are you forwarding from 3000 on public to 6000 on internal IP?Are you sure the destination device is responding properly?
You can narrow it down on pfSense by using Diagnostic > Packet capture.
Take a capture on the WAN interface with a port filter set to the public port, while you try an access from outside. If it's okay, sniff on the internal interface and set the port filter to the internal forwarded port if it's another one. -
@viragomann
sorry i made a mistake
i'm testing port 6000
i need to forward to port 6000 from wan -
@viragomann
I captured some of these packet on port 6000 on my public IP on WAN interface
It seems it's working correcty if i'm not wrong...19:57:58.610942 IP xxx.xxx.89.130.62498 > xxx.xxx.89.155.6000: tcp 0
19:57:58.619567 IP xxx.xxx.155.6000 > xxx.xxx.89.130.62498: tcp 0Here what i captured on LAN interface
20:04:59.813402 IP xxx.xxx..89.130.62524 > 192.168.0.190.6000: tcp 0
20:04:59.818069 IP 192.168.0.190.6000 > xxx.xxx.89.130.62524: tcp 0Is it helpful?
It seems everything is working bit i'm not sure
-
@reynold
Agree. This looks as it should.
pfSense uses for the response on WAN the origin destination IP the request went to.However, so the port scanner should show you a green flag when you check port 6000.
-
@viragomann
thanks, Where can i find the green flag? -
@reynold said in NAT on specific port:
Where can i find the green flag?On port checker page you mentioned above.
https://www.yougetsignal.com/tools/open-ports/ -
@viragomann
Confirm. Green flag and it says port is open on public ip address.
I'm going to check the device. It should be the oroblem
Maybe it's not responding correctly.