Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Need help troubleshooting NAT rules please

    Scheduled Pinned Locked Moved NAT
    5 Posts 3 Posters 502 Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • B
      Brianrl 0
      last edited by

      Hello,

      I have an NFS server running on my local Linux machine. The machine sits behind a pfSense. I have opened all the relevant ports on the pfSense. However, I can't mount the NFS share on my computer over the internet. The connection just times out. I've disabled the firewall on my local Linux machine. For better testing, using the local IP, I can mount the NFS share on the local Linux machine that's exporting it. However, when I use the public IP to mount the share, it fails. Below are the screenshots of the NAT and Rules. Can anyone help me understand what I'm missing?

      Nat Rules -
      Nat Rule.png

      Firewall Rules -
      Firewall Rules.png

      V 1 Reply Last reply Reply Quote 0
      • V
        viragomann @Brianrl 0
        last edited by

        @Brianrl-0
        Any good reason for obscuring your local IPs?
        I don't think, that we can access it from outside.

        Anyway, you should better consider to run a VPN and access the share over a secure connection.

        B 1 Reply Last reply Reply Quote 0
        • B
          Brianrl 0 @viragomann
          last edited by

          @viragomann said in Need help troubleshooting NAT rules please:

          @Brianrl-0
          Any good reason for obscuring your local IPs?
          I don't think, that we can access it from outside.

          Anyway, you should better consider to run a VPN and access the share over a secure connection.

          @viragomann - Thanks for the info. Unfortunately, a VPN is not an option. Do the rules look good?

          V J 2 Replies Last reply Reply Quote 0
          • V
            viragomann @Brianrl 0
            last edited by

            @Brianrl-0
            Yes, but I'm not sure, if the two ports are all you need to forward.
            Anyway you can see, that the rules got hits.

            I'd sniff the traffic on the internal interface to see if the packets are forwarded properly and if the server response to them.

            1 Reply Last reply Reply Quote 0
            • J
              Jarhead @Brianrl 0
              last edited by

              @Brianrl-0 said in Need help troubleshooting NAT rules please:

              Thanks for the info. Unfortunately, a VPN is not an option. Do the rules look good?

              You have pfSense... how could a VPN NOT be an option?? It's built in. Use it.
              As for the rules, no one can actually say if they're correct because you redacted the private IP's... Why? No need to obscure private IP's.
              But all the redacted should be the IP of the server itself. If that's the case, then yes, they are correct.

              1 Reply Last reply Reply Quote 0
              • First post
                Last post
              Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.