Netgate Discussion Forum

    Port forwarding

      xibalba

      Hello, I'm using pfSense as a router on my home network and would like to forward all incoming packets on the router's port 25 to an internal machine 192.168.1.7 on port 25. This is also accompanied by a firewall ruleset on the WAN interface to allow any packets from any source/port to be forwarded to the internal IP of 192.168.1.7 on port 25. I applied the changes and it does not seem to be forwarding the packets.

      pfctl -s all | grep smtp

      rdr on xl0 inet proto tcp from any to 72.132.236.227 port = smtp -> 192.168.1.7
      pass in quick on xl0 inet proto tcp from any to 192.168.1.7 port = smtp keep state label "USER_RULE: NAT rbhs smtp"
      pass in quick on dc0 inet proto tcp from any to 192.168.1.7 port = smtp flags S/SA keep state label "USER_RULE: smtp server"
      USER_RULE: NAT rbhs smtp 5286 7859 393004
      USER_RULE: smtp server 2487 0 0

      thanks ahead of time

        xibalba

        dc0 is my internal interface. Shouldn't the rule be "pass out quick on dc0….." ?

        pass in quick on dc0 inet proto tcp from any to 192.168.1.7 port = smtp flags S/SA keep state label "USER_RULE: smtp server"

          jeroen234

          No, the rule is correct.
          The traffic is coming from your ext interface.
          When it hits dc0 it needs the incoming rules to get to the internal IP address.

            xibalba

            Any clues as to why the port isn't being forwarded then? I haven't been receiving mail on the host, and the host is listening and configured properly. I was told to upgrade to rc3e in another thread, perhaps that will fix it.

              xibalba

              I just realized... I am... completely... retarded. I forgot to specify the default router on my FreeBSD box housing the mail server (it used to be my router). And so everything on my LAN was able to use it just fine using ARP. Having added route add default 192.168.1.1, everything is now running perfectly.
              I'm going to go smack my head on the desk for a while. Thanks though, jeroen234.

                celtic

                got the same prob…. it's just that my default gateway is correct.... but smtp is still giving me a timeout.

                pfctl -s all | grep smtp

                rdr on xl1 inet proto tcp from any to 85.223.49.41 port = smtp -> 172.16.66.240
                pass in quick on xl1 proto tcp from any to any port = smtp keep state label "USER_RULE: NAT "

                should be enough right ?

                  cmb

                  celtic, see:
                  http://wiki.pfsense.com/wikka.php?wakka=PortForwardTroubleShooting

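An added example (not part of any post in this thread): a shell function that reads `pfctl -s all` output, pairs each `rdr` rule with a `pass in` rule on the same interface, and uses the label packet counters to tell whether the firewall is already passing the forwarded traffic, in which case the remaining suspects are on the internal host (default route, listener), as in xibalba's case. The function names and verdict strings are made up for this example, and the counter column order (evaluations, packets, bytes) is an assumption about this pfctl version's output.

```shell
# Added example, not from the thread. Prints "<if> <port> <target> <verdict>" per rdr rule.
# Assumption: label counter lines are "<label> <evaluations> <packets> <bytes>".
pf_forward_report() {
  awk '
    $1 == "rdr" {                       # rdr on IF ... port = PORT -> TARGET
      n++; ifc[n] = $3
      for (i = 1; i < NF; i++) {
        if ($i == "port" && $(i+1) == "=") port[n] = $(i+2)
        if ($i == "->") tgt[n] = $(i+1)
      }
      next
    }
    $1 == "pass" && $2 == "in" {        # filter rule: interface, destination, port, label
      p++
      for (i = 1; i < NF && $i != "label"; i++) {
        if ($i == "on") pif[p] = $(i+1)
        if ($i == "to") pto[p] = $(i+1)
        if ($i == "port" && $(i+1) == "=") ppt[p] = $(i+2)
      }
      if (match($0, /label "[^"]*"/)) plb[p] = substr($0, RSTART + 7, RLENGTH - 8)
      next
    }
    NF >= 4 && $NF ~ /^[0-9]+$/ && $(NF-1) ~ /^[0-9]+$/ && $(NF-2) ~ /^[0-9]+$/ {
      lab = $0; sub(/^[ \t]+/, "", lab) # counter line: strip indentation, then the numbers
      sub(/[ \t]+[0-9]+[ \t]+[0-9]+[ \t]+[0-9]+[ \t]*$/, "", lab); pkts[lab] = $(NF-1)
    }
    END {
      for (r = 1; r <= n; r++) {
        verdict = "NO_PASS_RULE"
        for (q = 1; q <= p; q++)
          if (pif[q] == ifc[r] && ppt[q] == port[r] && (pto[q] == tgt[r] || pto[q] == "any")) {
            c = (plb[q] in pkts) ? pkts[plb[q]] + 0 : -1
            verdict = (c > 0) ? "FIREWALL_PASSING_CHECK_HOST" : ((c == 0) ? "NO_TRAFFIC_SEEN" : "PASS_RULE_NO_COUNTER")
            break
          }
        print ifc[r], port[r], tgt[r], verdict
      }
    }'
}
sample_first_post() {                   # pfctl output quoted in the first post of this thread
  cat <<'EOF'
rdr on xl0 inet proto tcp from any to 72.132.236.227 port = smtp -> 192.168.1.7
pass in quick on xl0 inet proto tcp from any to 192.168.1.7 port = smtp keep state label "USER_RULE: NAT rbhs smtp"
pass in quick on dc0 inet proto tcp from any to 192.168.1.7 port = smtp flags S/SA keep state label "USER_RULE: smtp server"
USER_RULE: NAT rbhs smtp 5286 7859 393004
USER_RULE: smtp server 2487 0 0
EOF
}
sample_first_post | pf_forward_report   # → xl0 smtp 192.168.1.7 FIREWALL_PASSING_CHECK_HOST
```

On a live firewall the input would be `pfctl -s all | pf_forward_report`; grepping for one port first, as in the posts above, hides counters for labels that do not contain that word.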