• Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login
Netgate Discussion Forum
  • Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login

Can't access my Network from an external IP

Scheduled Pinned Locked Moved Firewalling
6 Posts 5 Posters 890 Views
Loading More Posts
  • Oldest to Newest
  • Newest to Oldest
  • Most Votes
Reply
  • Reply as topic
Log in to reply
This topic has been deleted. Only users with topic management privileges can see it.
  • J
    Johndon22
    last edited by Jun 16, 2022, 11:58 AM

    Hi, I am new to pfSense but I have set it up as my firewall and I have everything on my home network going through a VPN to access the internet but I can't access my NAS from outside my network.
    I also can't access the NAS or network when it's not using the VPN connection either.
    I have a QNAP NAS so I have tried QVPN with OpenVpn and it doesn't work.
    I have opened what I think are the correct ports on pfSense and it doesn't work.
    Any advise would be appreciated.

    V J 2 Replies Last reply Jun 16, 2022, 3:02 PM Reply Quote 0
    • V
      viragomann @Johndon22
      last edited by Jun 16, 2022, 3:02 PM

      @johndon22 said in Can't access my Network from an external IP:

      I also can't access the NAS or network when it's not using the VPN connection either.

      How did you try to achieve this? By port forwarding?

      It's not a good idea to expose your NAS anyway. Better to run a VPN on pfSense to access your local network from remote.

      1 Reply Last reply Reply Quote 0
      • J
        johnpoz LAYER 8 Global Moderator @Johndon22
        last edited by Jun 16, 2022, 3:59 PM

        @johndon22 said in Can't access my Network from an external IP:

        I have opened what I think are the correct ports on pfSense and it doesn't work.

        Without seeing what you did, its pretty hard to help you. But I am with @viragomann I would think really long and hard before exposing your nas to the public internet.

        What are you trying to do on your nas exactly while your remote - admin it, access files?

        The correct way to access anything on your network while remote would be to setup vpn to pfsense. Be that ipsec, openvpn or wireguard.

        Keep in mind for any of those solutions to work, you would need to be able to directly access your pfsense wan IP.. If pfsense behind a nat, be that another router in front of pfsense, yours or an ISP device, or if your isp is using CGNAT..

        So first question would be is pfsense wan IP a public IP, or rfc1918 or does it start with 100.64-127

        If it is an actual public IP, I would do a simple test go to say can you see me .org put in a port, sniff on your wan while you do this test. Do you see that traffic hit your pfsense wan?

        An intelligent man is sometimes forced to be drunk to spend time with his fools
        If you get confused: Listen to the Music Play
        Please don't Chat/PM me for help, unless mod related
        SG-4860 24.11 | Lab VMs 2.7.2, 24.11

        1 Reply Last reply Reply Quote 0
        • J
          Johndon22
          last edited by Johndon22 Jun 17, 2022, 10:47 AM Jun 17, 2022, 10:37 AM

          Hi, Thank you for your replies.
          The main reason, so far, to be able to access my NAS is so that I can monitor my cameras in QVR Pro and then later maybe access pictures and files and use it as a cloud storage device.

          I used to be able to access QVR Pro when I had my old Asus router setup and that controlled everything. I don't want to use myQNAPcloud.
          I changed to pfSense so that I might have more control and security over my network. Like you advised I don't want to have open ports for the reasons you outlined. I would prefer everything to go through a VPN.

          As far as I can tell my WAN is a public IP address. There is nothing in front of pfSense. I did the port sniffer test and when I am using the IP address my ISP assigned me I can see the open port I used for testing. It's closed now.

          I followed some guides online and setup a cloud VPN provider on pfSense. I also have the same provider on my phone. I thought it would be a simple thing of activating both and I would be able to connect to my network but clearly not. I have everything on my local network accessing the internet through the VPN. My public IP of my phone is from my VPN provider when on my home network so I assume it is setup correctly.

          I also setup QVPN on my NAS with OpenVPN and sent the configuration files to my phone. I can't get my phone to connect to the NAS. I have tried different configurations ie NAS routed through my cloud VPN and when my NAS is not routed through my Cloud VPN, it still does not connect.

          So I suppose what I am asking is how do I access my NAS from my phone on a public IP address when my NAS is being routed through a VPN using pfSense without opening any ports. Do I have to use the OpenVPN app on my phone? Should I use the QVPN app on my NAS?

          1 Reply Last reply Reply Quote 0
          • B
            bingo600
            last edited by bingo600 Jun 17, 2022, 11:46 AM Jun 17, 2022, 11:44 AM

            @Johndon22

            Make your self a happier man.
            Use a VPN connection to access/view your devices.

            I would use pfSense for the VPN, it's kinda designed for that .....

            /Bingo

            If you find my answer useful - Please give the post a 👍 - "thumbs up"

            pfSense+ 23.05.1 (ZFS)

            QOTOM-Q355G4 Quad Lan.
            CPU  : Core i5 5250U, Ram : 8GB Kingston DDR3LV 1600
            LAN  : 4 x Intel 211, Disk  : 240G SAMSUNG MZ7L3240HCHQ SSD

            1 Reply Last reply Reply Quote 0
            • T
              terryzb
              last edited by terryzb Jun 18, 2022, 12:16 AM Jun 18, 2022, 12:16 AM

              I would be nervous about exposing the QNAP. There's a new deadbolt ransomware strain just announced. The previous strain encrypted everything on the NAS and required a bitcoin payment for the decryption key and I expect the current one is the same.

              https://www.qnap.com/en/security-advisory/qsa-22-19
              https://blog.malwarebytes.com/ransomware/2022/01/qnap-update-stops-deadbolt-ransomware-annoys-some-users-starts-debate/

              1 Reply Last reply Reply Quote 0
              6 out of 6
              • First post
                6/6
                Last post
              Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.
                This community forum collects and processes your personal information.
                consent.not_received