Problem with portforward on 1.2.3-release?
I have quite a few portforwards enabled currently, and I need to create some more, but for some reason it fails.
I want to access a ssh console on a server, so I create a rule like the attachment.
But I can't access it, when I try I quickly gets a disconnect.
This is the packetcapture on the pfsense:
12:30:39.602003 IP (tos 0x0, ttl 119, id 51572, offset 0, flags [DF], proto TCP (6), length 48) 193.219.x.x.57723 > 87.61.18.x.5001: S, cksum 0xc25f (correct), 3894124159:3894124159(0) win 64512 <mss 1260,nop,nop,sackok="">12:30:39.602366 IP (tos 0x0, ttl 63, id 27724, offset 0, flags [DF], proto TCP (6), length 48) 87.61.18.x.5001 > 193.219.x.x.57723: S, cksum 0x9170 (correct), 2568846377:2568846377(0) ack 3894124160 win 5840 <mss 1460,nop,nop,sackok="">12:30:39.624798 IP (tos 0x0, ttl 119, id 29446, offset 0, flags [DF], proto TCP (6), length 40) 193.219.x.x.57723 > 87.61.18.x.5001: ., cksum 0xd903 (correct), ack 1 win 64512
12:30:39.646227 IP (tos 0x0, ttl 63, id 44118, offset 0, flags [DF], proto TCP (6), length 60) 87.61.18.x.5001 > 193.219.x.x.57723: P, cksum 0x0573 (correct), 1:21(20) ack 1 win 5840
12:30:39.669036 IP (tos 0x0, ttl 120, id 9303, offset 0, flags [DF], proto TCP (6), length 40) 193.219.x.x.57723 > 87.61.18.x.5001: R, cksum 0xd4fc (correct), 3894124160:3894124160(0) win 0
Nobody that has anything on this? ??? Catastrophic! >:(
if I NAT port 22->port 22, ergo, not port translation, then it works perfectly.
Should I recreate the question in install/configure, or?
this is odd indeed. i have an ssh portforward on a non-standard port to a host behind pfsense and it works just fine. the RST is coming from the host behind pfsense. what is it? freenas? something else?
I've tried both against the QNAP NAS, and a SLES 10 Linux. No change.
I've also tried towards a HTTP server running some survaillance on a QNAP VS-101.
This is an upgrade of an upgrade. I'm wondering if I should try a fresh start.
My only worry is that I've had some problems in moving part of config's over (I would hate to reenter all the staticly defined DHCP leases, etc.).
And I also have a 'lot' of nat's previously defined, that works fine. But if I create a new one, then noooo.