Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    port forwarding with pfsense under dd-wrt

    Scheduled Pinned Locked Moved
    NAT
    3
    5
    956
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • S
      seantree
      last edited by

      Anything wrong? Couldn't open web page of https://192.168.2.21 from external.

      dd-wrt
      port1.jpg

      pfsense
      port2.jpg

      V 1 Reply Last reply Reply Quote 0
      • V
        viragomann @seantree
        last edited by

        @seantree
        Not clear, what you try to access here. Your screens are showing port forwarding on the ddwrt and also on pfSense.

        Regarding to pfSense, remember that private source IPs are blocked by default on WAN.
        To allow access edit the WAN interface settings and remove the check from "Block private networks".

        S 1 Reply Last reply Reply Quote 0
        • S
          seantree @viragomann
          last edited by

          @viragomann
          You are right. After I removed "Block private networks", I can reach my server. Is there any way to keep this box checked and make it work with private ip? I have tried to make a float firewall rule, but it didn't work. I also tried to make a firewall on the WAN page, but I couldn't move the rule on top of the "Block Private Networks" rule.

          S V 2 Replies Last reply Reply Quote 0
          • S
            SteveITS Rebel Alliance @seantree
            last edited by

            @seantree "Block Private Networks" is a default rule that is created at the top of the list (otherwise, they might not be blocked). You can however turn that option off, and create your own rules to block IP ranges.

            Pre-2.7.2/23.09: Only install packages for your version, or risk breaking it. Select your branch in System/Update/Update Settings.
            When upgrading, allow 10-15 minutes to restart, or more depending on packages and device speed.
            Upvote 👍 helpful posts!

            1 Reply Last reply Reply Quote 0
            • V
              viragomann @seantree
              last edited by

              @seantree
              After removing the check and saving the interface settings, the block rule should be gone from WAN.
              Additionally you need a pass rule for allowing the access. However, this should be added automatically by the shown port forwarding rule.

              Consider that Quick floating rules ca override interface rules.

              1 Reply Last reply Reply Quote 0
              • First post
                Last post
              Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.