Forward SSH from LAN to WAN

Pinto · Sep 25, 2006, 11:26 PM

Hi all been using pfsense for 3 months, dual wan+load balancer+servers on dmz +lan

Today I instaled an asterisk 8) server on my lan.
My doubt is the following

I want to redirect lan's asterisk ssh server to the outside

Example
Lan SSH 192.168.11.250 port 22
Outside XXX.XXX.XXX.XXX port 1022

I tryed a Port Forward like this:

WAN TCP 1022 NAT IP[192.168.11.250(ext XXX.XXX.XXX.XXX)] 22
it created also the firewall rules.

What can be missing me?

TIA

Carlos Pinto

hoba · Sep 26, 2006, 12:04 AM

Firewall at the asterisk box? Also make sure you have selected "interface adress" for the external adress for your NAT instead of "any".

Pinto · Sep 26, 2006, 12:49 PM

No, my asterisk server has a SSH server inside my lan that I want to reach from outside

WAN–---| -PFSENSE RC2----------------------------DMZ--------MAIL
WAN2----| | |-DNS,HTTP
|
LAN
|
asterisk sshd
(i want to reach this server from outside) something like ssh public ip port 1022 for instace

Any Ideias?

hoba · Sep 26, 2006, 2:34 PM

I have that exact setup at home and even have ssh enabled at the pfSense itself. Add a log to the firewallrule that permits ssh traffic to the asterisk box. If you see a pass at status>systemlogs, firewall and also see a state for this connection at diagnostics>states the connection was allowed. Then it has to be something on the asterisk box.

Btw, make sure your rules order is correct. You can't allow a connection somewhere at the bottom of the list when you blocked it somewhere above.