Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Redirection doesn't work when using PPPoE on WAN Interface

    Scheduled Pinned Locked Moved NAT
    5 Posts 3 Posters 1.8k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • C
      cyanatide
      last edited by

      Hi!
      Here is my two différents config:

      Config 1: My pfsense box is behind a modem/router
      WAN interface: 192.168.1.1
      I have a web server in my DMZ, i have redirection on my modem/router and my pfsense box to this server. Internet users can access this web server.

      Config 2: I have removed the modem/router, my pfsense box is directly connected to a modem
      WAN interface: PPPoE (213.41.xx.xx)
      I keep the redirection to my web server but when Internet Users try to reach my web server, they get pfsense page wich ask login and password…

      What could be the problem?
      Thanks.

      1 Reply Last reply Reply Quote 0
      • jimpJ
        jimp Rebel Alliance Developer Netgate
        last edited by

        You probably have an incorrect port forward. Can you post a screenshot of your port forward configuration? (The list of port forwards should be enough)

        Hint: Port forwards for this should be on WAN only, and the external interface should be set to 'WAN Address' and not 'any'.

        Remember: Upvote with the 👍 button for any user/post you find to be helpful, informative, or deserving of recognition!

        Need help fast? Netgate Global Support!

        Do not Chat/PM for help!

        1 Reply Last reply Reply Quote 0
        • C
          cyanatide
          last edited by


          They are set with ip ext any, but with interface adress, it's the same.

          1 Reply Last reply Reply Quote 0
          • jimpJ
            jimp Rebel Alliance Developer Netgate
            last edited by

            Set the external address back to "Interface Address" and leave it that way.

            If you have that set to "any" and you also enable NAT reflection, it will break in exactly the way you describe. Try to disable NAT reflection for your next test also.

            Remember: Upvote with the 👍 button for any user/post you find to be helpful, informative, or deserving of recognition!

            Need help fast? Netgate Global Support!

            Do not Chat/PM for help!

            1 Reply Last reply Reply Quote 0
            • E
              Efonnes
              last edited by

              Actually, it sounds like cyanatide means that the web server cannot be accessed by the WAN IP from internal hosts.  The usual behavior for this would be that it would end up at the web server on the pfSense system rather than the web server the port forward would redirect to.  NAT reflection probably has not been enabled yet.

              cyanatide:  Do not enable NAT reflection without changing the external address field on your port forwards to something other than "any" or you will lose access to the web GUI on the pfSense box and to any external systems on those ports, as it will end up forwarding all connections on those ports to your web server (on 1.2.3 or earlier).

              1 Reply Last reply Reply Quote 0
              • First post
                Last post
              Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.