New guy trying to get NAT/port forwarding to work
Hi. First post. Need assist.
I have not been able to get my below scenario to work. Have tried ipcop, m0n0wall, pfsense. PFsense seems by far the most complete firewall, but still no luck.
Checked the RFC959 violation box.
I am merely trying to forward some ports from 18.104.22.168 over to 192.168.6.3.
Opened all ports (1-65535) out of frustration at just getting the few I really wanted.
Didn't do anything with the Virtual IP's and CARP menu - not sure of what it really means yet.
This seems to be a really no-brainer configuration but not working for me.
WireShark on WinXP with "host 192.168.6.48 and host 22.214.171.124" gives nothing.
pfsense firewall log shows this (test with ftp) - doesn't seem to be forwarded.
(passed) Jan 6 19:50:40 WAN 192.168.6.2:137 192.168.6.3:137 UDP
(passed) Jan 6 19:44:09 WAN 126.96.36.199:42752 192.168.6.3:21 TCP:S
Please, anyone know what I am missing. I use at home a Juniper Netscreen NS5GT so am not a total novice with all this, but I am baffled.
PC Linux client on 188.8.131.52 => pfsense (WAN 184.108.40.206 (LAN 192.168.6.48) to PC WinXP on 192.168.6.3
220.127.116.11 (single interface)
Dest 18.104.22.168 * 255.255.0.0
ifconfig shows up
NAT: WAN TCP/UDP 1 - 65535 target(aliased to 192.168.6.3 (ext.: any) 1 - 65535
Rule: TCP/UDP * * target 1 - 65535 *
Windows XP (ipconfig /all output)
IP Address. . . . . . . . . . . . : 192.168.6.3
Subnet Mask . . . . . . . . . . . : 255.255.252.0
Default Gateway . . . . . . . . . : 192.168.6.1
Some more info.
On WinXP 192.168.6.3, I can ping pfsense at 192.168.6.48.
On pfsense I can ping WinXP 192.168.6.3 and get normal ping response.
I cannot ping pfsense 22.214.171.124 from my linux 126.96.36.199.
On pfsense if I ping any address on 20.20.20.x network, I get this weird response:
pfhacom:~# ping 188.8.131.52
PING 184.108.40.206 (220.127.116.11): 56 data bytes
36 bytes from pfhacom.local (192.168.6.48): Time to live exceeded
Vr HL TOS Len ID Flg off TTL Pro cks Src Dst
4 5 00 5400 b029 0 0000 01 01 3eff 192.168.6.48 18.104.22.168
OK. that was dumb. the ping to any 20.20.20.x address was actually not responded. Just all that info telling me about it