Netgate Discussion Forum
    How to forward correctly?

    2.0-RC Snapshot Feedback and Problems - RETIRED
      krisken

      I do have some router/network experience, but I've never worked with something as extended as pfSense, so sorry for the n00b question :)

      I do have a pfSense box running with two WANs (load-balanced/failover):
      ISP Belgacom - 25Mbit down - 3.5Mbit up, no fixed IP
      ISP Dommel - 30Mbit down - 4.5Mbit up, fixed IP

      Now I want to forward the SSH traffic from WAN (the one with the fixed IP ;)) on port 10022 to port 22 of my local machine (IP 10.0.0.10).

      How do I have to forward that correctly?
      What values do I have to insert in the forms on Firewall/Rules?

      Kris

        Guest

        Just set up a standard port forward, choose the correct WAN interface you want the forward to be active on, and make sure you select the correct external and internal ports. There is a checkbox to have pfSense auto-add a firewall rule for you. Since you're unfamiliar with pfSense, you should use that initially and visit the rule to make sure it does exactly what you want. By default, the rule will allow the entire world to use that forward, which you may not actually want. At the very least, consider rate limiting the rule (in the firewall rules, under one of the Advanced buttons) to slow down brute-force attempts.

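The forward and the tightened rule from the answer above, written out by hand in plain pf.conf syntax (pf is the packet filter pfSense is built on). This is an added example, not part of the original posts and not the ruleset pfSense generates. The interface name, WAN address, admin source range, table names and thresholds are all assumed placeholder values.

```pf
# Assumed placeholders: adjust to the real Dommel (fixed-IP) WAN.
ext_if   = "em1"            # assumed NIC name of the Dommel WAN
ext_ip   = "203.0.113.10"   # placeholder for the fixed WAN address
ssh_host = "10.0.0.10"      # internal SSH machine from the question

# Sources allowed to reach SSH (constructed example range).
table <ssh_admins>  persist { 198.51.100.0/24 }
# Filled automatically by the overload option below.
table <ssh_abusers> persist

# Port forward: WAN port 10022 -> 10.0.0.10 port 22.
rdr on $ext_if inet proto tcp from any to $ext_ip port 10022 -> $ssh_host port 22

# Translation happens before filtering, so the filter rules match the
# internal address and port 22, not the external port 10022.

# Weak form: open to the entire world, the default the answer warns about.
# pass in quick on $ext_if inet proto tcp from any to $ssh_host port 22 \
#     flags S/SA keep state

# Tightened form: drop sources that already tripped the limit, then allow
# only known admin sources, with per-source connection and rate limits.
block in quick on $ext_if from <ssh_abusers>
pass in quick on $ext_if inet proto tcp from <ssh_admins> to $ssh_host port 22 \
    flags S/SA keep state \
    (max-src-conn 5, max-src-conn-rate 3/60, \
     overload <ssh_abusers> flush global)
```

With these values a single source that opens more than 3 connections in 60 seconds, or holds more than 5 at once, is added to `<ssh_abusers>` and its existing states are flushed.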
          krisken

          Hi Submicron!
          Thanks for your quick answer!

          I've made a screenshot for you of my firewall rules.
          Maybe I have to change some things there.

          FO_Belgacom = Failover using Belgacom WAN
          FO_Dommel = Failover using Dommel WAN
          LB_Belgacom_Dommel = Loadbalancing Belgacom and Dommel WAN

          Rule 1 = all SMTP traffic must use the Belgacom uplink (port 25)
          Rule 2 = all newsserver traffic (NNTP) must use the Dommel uplink (port 119)
          Rule 3 = All SSH traffic on port 10022 of my Dommel WAN must go to port 22 of the machine with IP 10.0.0.1

          http://krisken.dommel.be/pfsense/portforwarding/firewall_rules.jpg

            krisken

            There was an error in the jpg file I've uploaded.
            I corrected it and re-uploaded the screenshot.
