Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Firewall rule not right?

    Scheduled Pinned Locked Moved Firewalling
    7 Posts 3 Posters 2.7k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • T
      TestUser007
      last edited by

      Hi,
      This is my first post here, so be gentle with me.  I have just installed pfSense and made some NAT and firewall rules, everything works fine from outside my network, for example, people can connect to my FTP server.  If, however, I want to connect to FTP through my external IP, it doesn't work.  The same is true for TCP port 80, however, people from outside my office can see my apache server.  If I try to connect to my apache server using its external IP address, I cannot connect.

      Does anyone have any idea what I have done wrong?

      I amm completely new to this, before pfSense I had an Asu* Router (out of the box solution).

      Thank you in advance for any help!

      [edited to correct massive grammar atrocities]

      1 Reply Last reply Reply Quote 0
      • T
        TestUser007
        last edited by

        have managet to make it work…from outside my office (all world)
        Have problems from acessing anyting from inside my office, like if i go to some web page where the images are on my local network apache server, i cannot see..like the rulle is right for all the world but not my private network?
        but now im NOT 100% i made the rulles right.....
        how i have made the rulles

        1. rulle: for my Apache (HTTP) server
        Interface: WAN
        Source: Any
        Destination: my internal Apache IP
        Destination porta: HTTP

        2. FTP (same settings)
        and so on...

        and the LAST rulle should block all other traffic:
        Interface: Wan
        Source: Andy
        Destination: NOT Any
        Destination porta: any

        Can please anyone help me :P

        1 Reply Last reply Reply Quote 0
        • N
          nihility
          last edited by

          To get your webserver to work from the inside, try to activate nat reflection in System -> Advanced

          1 Reply Last reply Reply Quote 0
          • T
            TestUser007
            last edited by

            Is this normal??
            all ports al routed to local address of apache and port 80
            Screen shot in attachment

            firewall.jpg
            firewall.jpg_thumb

            1 Reply Last reply Reply Quote 0
            • N
              nihility
              last edited by

              Seems normal to me.

              1 Reply Last reply Reply Quote 0
              • P
                podilarius
                last edited by

                Are you running 2.0 (if so, which build) or 1.2.3?
                If you are running 2.0 recent build, there seems to be a problem with NAT reflection. I haven't checked the status on that in a while, so it might be fixed.
                Are you running 1:1 NAT or port forwarding?
                Did you turn on NAT reflection as was suggested?

                1 Reply Last reply Reply Quote 0
                • T
                  TestUser007
                  last edited by

                  i have enabeled NAT reflection… works now ok...
                  Thank you guys!
                  ;D

                  1 Reply Last reply Reply Quote 0
                  • First post
                    Last post
                  Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.