Port forwarding
-
hello, i'm using pfSense as a router on my home network and would like to forward all incoming packets on the router's port 25 to an internal machine 192.168.1.7 on port 25. This is also accompanied by a firewall ruleset on the WAN interface to allow any packets from any source/port to be forwarded to the internal ip of 192.168.1.7 on port 25. I applied the changes and it does not seem to be forwarding the packets.
pfctl -s all | grep smtp
rdr on xl0 inet proto tcp from any to 72.132.236.227 port = smtp -> 192.168.1.7
pass in quick on xl0 inet proto tcp from any to 192.168.1.7 port = smtp keep state label "USER_RULE: NAT rbhs smtp"
pass in quick on dc0 inet proto tcp from any to 192.168.1.7 port = smtp flags S/SA keep state label "USER_RULE: smtp server"
USER_RULE: NAT rbhs smtp 5286 7859 393004
USER_RULE: smtp server 2487 0 0thanks ahead of time
-
dc0 is my internal interface. Shouldn't the rule be "pass out quick on dc0….." ?
pass in quick on dc0 inet proto tcp from any to 192.168.1.7 port = smtp flags S/SA keep state label "USER_RULE: smtp server"
-
no the rule is corect
the trafic is comming from youre ext interface
wen it hits dc0 it needs the incoming rules to get to the internal ipadress -
any clues as to why the port isn't being forwarded then? I haven't been recieving mail on the host, and the host is listening and configured properly. I was told to ugprade to rc3e in another thread, perhaps that will fix it.
-
i just realized….i am.....completely.......retarded. I forgot to specify the default router on my freebsd housing the mail server ( it use to be my router ). And so everything on my LAN was able to use it just fine using ARP. Having added route add default 192.168.1.1 everything is now running perfect.
i'm going to go smack my head on the desk for a while. Thanks though jeroen234. -
got the same prob…. it's just that my default gateway is correct.... but smtp is still giving me a timeout.
pfctl -s all | grep smtp
rdr on xl1 inet proto tcp from any to 85.223.49.41 port = smtp -> 172.16.66.240
pass in quick on xl1 proto tcp from any to any port = smtp keep state label "USER_RULE: NAT "should be enough right ?
-
celtic, see:
http://wiki.pfsense.com/wikka.php?wakka=PortForwardTroubleShooting