4. Port forwarding

Port forwarding

  • X

    hello, i'm using pfSense as a router on my home network and would like to forward all incoming packets on the router's port 25 to an internal machine 192.168.1.7 on port 25. This is also accompanied by a firewall ruleset on the WAN interface to allow any packets from any source/port to be forwarded to the internal ip of 192.168.1.7 on port 25. I applied the changes and it does not seem to be forwarding the packets.

    pfctl -s all | grep smtp

    rdr on xl0 inet proto tcp from any to 72.132.236.227 port = smtp -> 192.168.1.7
    pass in quick on xl0 inet proto tcp from any to 192.168.1.7 port = smtp keep state label "USER_RULE: NAT rbhs smtp"
    pass in quick on dc0 inet proto tcp from any to 192.168.1.7 port = smtp flags S/SA keep state label "USER_RULE: smtp server"
    USER_RULE: NAT rbhs smtp 5286 7859 393004
    USER_RULE: smtp server 2487 0 0

    thanks ahead of time

    0
  • X

    dc0 is my internal interface. Shouldn't the rule be "pass out quick on dc0….." ?

    pass in quick on dc0 inet proto tcp from any to 192.168.1.7 port = smtp flags S/SA keep state label "USER_RULE: smtp server"

    0
  • J

    no the rule is corect
    the trafic is comming from youre ext interface
    wen it hits dc0 it needs the incoming rules to get to the internal ipadress

    0
  • X

    any clues as to why the port isn't being forwarded then? I haven't been recieving mail on the host, and the host is listening and configured properly. I was told to ugprade to rc3e in another thread, perhaps that will fix it.

    0
  • X

    i just realized….i am.....completely.......retarded. I forgot to specify the default router on my freebsd housing the mail server ( it use to be my router ). And so everything on my LAN was able to use it just fine using ARP. Having added route add default 192.168.1.1 everything is now running perfect.
    i'm going to go smack my head on the desk for a while. Thanks though jeroen234.

    0
  • C

    got the same prob…. it's just that my default gateway is correct.... but smtp is still giving me a timeout.

    pfctl -s all | grep smtp

    rdr on xl1 inet proto tcp from any to 85.223.49.41 port = smtp -> 172.16.66.240
    pass in quick on xl1 proto tcp from any to any port = smtp keep state label "USER_RULE: NAT "

    should be enough right ?

    0
  • C

    celtic, see:
    http://wiki.pfsense.com/wikka.php?wakka=PortForwardTroubleShooting

    0
Log in to reply
 

Products

Services

Support

News

Resources

Company

Our Mission

We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive for past announcements.

© 2020 Rubicon Communications, LLC | Privacy Policy