Navigation

    Netgate Discussion Forum
    • Register
    • Login
    • Search
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search

    Inbound port forwarding via a single static public IP

    NAT
    2
    10
    67
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • E
      Ellis Michael Lieberman last edited by Ellis Michael Lieberman

      This post is deleted!
      S 1 Reply Last reply Reply Quote 0
      • S
        SteveITS @Ellis Michael Lieberman last edited by

        @ellis-michael-lieberman Can you post a screenshot of the rules?

        Reflection is for connecting to your own WAN Izp from inside your network.

        On WAN the NAT source is any (entire Internet), any port.
        https://docs.netgate.com/pfsense/en/latest/nat/port-forwards.html

        To double check, your pfSense WAN has a public IP?

        Steve

        Only install packages for your version, or risk breaking it. If yours is older, select it in System/Update/Update Settings.
        When upgrading, let it finish; do not reboot early. Allow 10-15 minutes, or more depending on packages and device speed.

        E 1 Reply Last reply Reply Quote 0
        • E
          Ellis Michael Lieberman @SteveITS last edited by Ellis Michael Lieberman

          This post is deleted!
          S 1 Reply Last reply Reply Quote 0
          • S
            SteveITS @Ellis Michael Lieberman last edited by

            @ellis-michael-lieberman Source port is any, it’s random.

            Destination is your WAN Address.

            NAT destination is the private IP. NAT port is the target, e.g. port 80.

            Steve

            Only install packages for your version, or risk breaking it. If yours is older, select it in System/Update/Update Settings.
            When upgrading, let it finish; do not reboot early. Allow 10-15 minutes, or more depending on packages and device speed.

            E 3 Replies Last reply Reply Quote 0
            • E
              Ellis Michael Lieberman @SteveITS last edited by

              This post is deleted!
              1 Reply Last reply Reply Quote 0
              • E
                Ellis Michael Lieberman @SteveITS last edited by

                This post is deleted!
                1 Reply Last reply Reply Quote 0
                • E
                  Ellis Michael Lieberman @SteveITS last edited by

                  This post is deleted!
                  1 Reply Last reply Reply Quote 0
                  • E
                    Ellis Michael Lieberman last edited by

                    Sorry for being an idiot. OK so I create the rule on the WAN address. Where do I create a filter to send the packet to the correct device?
                    network.png

                    S 1 Reply Last reply Reply Quote 0
                    • S
                      SteveITS @Ellis Michael Lieberman last edited by

                      @ellis-michael-lieberman it was late and I used the wrong words. On the page I linked the Destination Ip and port are to where the remote person is connecting. So, your WAN port 80. The Redirect Target IP is the LAN IP of the web server, and Redirect Target port is the port.

                      https://docs.netgate.com/pfsense/en/latest/nat/port-forwards.html#adding-port-forwards

                      Steve

                      Only install packages for your version, or risk breaking it. If yours is older, select it in System/Update/Update Settings.
                      When upgrading, let it finish; do not reboot early. Allow 10-15 minutes, or more depending on packages and device speed.

                      E 1 Reply Last reply Reply Quote 0
                      • E
                        Ellis Michael Lieberman @SteveITS last edited by

                        @steveits
                        I found the problem. Though the screens said to not use redirection, that is what I actually needed to do. It was a simple fix, once I realized the screen instructions were at best misleading. It all works now. Here's what it looks like.

                        fixed.png

                        1 Reply Last reply Reply Quote 0
                        • First post
                          Last post